Hello Kai Coulson,
Thank you for posting your question to the Microsoft Q&A forum. I am truly sorry to hear that you have fallen victim to a phishing site and lost access to your account, and I understand how stressful it is to lose an account you have used for years, especially when you have clear proof of ownership like linked debit cards and Xbox IDs.
Note: for strict security and privacy reasons, Microsoft support agents do not have the ability to manually bypass the automated security system, disable Two-Factor Authentication (2FA), or verify account ownership using external documents like IDs, bank statements, or previous billing details.
When the unauthorized person gained access and enabled 2FA (and changed the recovery emails), they effectively locked the account at the highest security tier. By design, once 2FA is active on an account, the standard Microsoft Account Recovery Form is permanently disabled by the system. This is why the automated prompts keep rejecting your efforts—the system is strictly enforcing the 2FA protocol, and human agents are locked out of overriding it.
Because the attacker now controls the authenticator app and the recovery email, recovering this specific account is, unfortunately, highly unlikely. Right now, your absolute priority must be damage control to protect your finances and personal data.
Please take these immediate steps to protect yourself:
Step 1: Secure Your Financial Information
Since you mentioned having debit cards linked to the account (such as for Xbox purchases), please contact your bank or credit card company immediately.
- Inform them that the Microsoft account linked to those cards has been compromised.
- Request to block any upcoming charges from Microsoft or Xbox, and strongly consider having new cards issued to prevent unauthorized purchases.
Step 2: Notify Your Contacts and Family
- Since you were removed from a Microsoft Family group, please reach out to the Family Organizer and other members outside of the Microsoft network so they are aware your old account is now in the hands of a hacker.
- Warn your friends (especially on the Xbox network or via email contacts) not to accept any unusual requests, money solicitations, or links coming from your compromised account.
Step 3: Secure Other Accounts
- If you used the same password from your compromised Microsoft account on any other websites, social media, or services, please change those passwords immediately.
- Enable 2FA on those other platforms using your own phone or authenticator app to prevent a domino effect.
Step 4: Contact Microsoft Support for Further Guidance
While the support team cannot manually bypass the Two-Factor Authentication to restore your access, you may still want to reach out to them to report the account as compromised. They can sometimes assist in suspending the account permanently to prevent the attacker from using it further, or help investigate the unauthorized billing charges.
- Please go to the Contact Microsoft Support page.
- Select Microsoft 365 (or Xbox) > Get Home Support.
- Type "Account compromised" and follow the prompts. Scroll to the bottom and select Contact Support to request a chat with a live agent to discuss your account suspension and billing options.
I know this is absolutely not the outcome or the answer you were hoping for, and I genuinely wish there was a direct human channel to bypass the 2FA for you. Please focus on securing your bank accounts and connected services as quickly as possible.