Share via

An older email account (@outlook) was hacked and someone changed the 2 factor email.

Lawrence Pfeffer 0 Reputation points
2026-02-27T21:34:46.29+00:00

I received a 'suspicious activity' email at my main account this morning, referring to an older account I use only rarely. When I tried to log into that older account, it seems someone has added 2 factor and set to an email I don't recognize. I tried several times to use the recovery form, but I seems I don't have enough info about recent emails I sent or their subjects, since I have not used this account in over a year.

The recovery form attempts keeps getting rejected. Now I tried too many times so is making me wait a day. How can I speak or chat with a real person so this can be escallated?

Windows for home | Windows 11 | Security and privacy
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. John Jefferson Doyon 61,530 Reputation points Independent Advisor
    2026-02-27T22:08:36.65+00:00

    Hi, I'm John!

    If you haven’t already, you can try using the Microsoft Self-help tool:

    You can also use the Xbox recovery form here:

    If the issue still persists, and the email address has been changed and two-factor authentication has been enabled by the hacker, unfortunately, the account may no longer be recoverable.

    0 comments
  2. Q&A Assist
    2026-02-27T21:35:03.9066667+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    For a hacked Microsoft/Outlook account where the recovery form is failing and 2FA has been changed by an attacker, only the official self-service recovery and support paths can be used; support agents cannot bypass them or manually reset security info.

    Follow these steps:

    1. Use the Sign-in Helper / hacked-account troubleshooter
    • Start with the official hacked/compromised account guide: How to recover a hacked or compromised Microsoft account.
    • Use the Start/Sign-in Helper tool there. It will ask for the email or phone and then either:
      • Offer self-help flows (password reset, account recovery), or
      • Offer a path to contact an agent (chat) when available for the scenario.
    1. Use the Microsoft account recovery form correctly Since the attacker changed security info and the account is rarely used, the recovery form is the primary option:
    • Go to the Account recovery form.
    • Because there is now a lockout from too many attempts, wait until the 24‑hour cooldown fully expires before trying again.
    • Before the next attempt, follow the guidance in Help with the Microsoft account recovery form:
      • Ensure a working alternate email where Microsoft can contact about the request (this can be any account, even a friend’s) as described in Step 1.
      • In Step 2, gather as much information as possible:
        • Old passwords used on that account.
        • Any contacts or email addresses that were ever emailed from that account.
        • Exact subject lines of messages sent from that account (ask friends/family who still have old emails).
        • Details of Microsoft services used with that account (Outlook.com, Skype, Xbox, etc.).
      • Complete the form from a device and location previously used with that account (home PC, usual network) to improve the automated checks.
    • Answer as many questions as possible; wrong answers do not count against the request, but missing data reduces the chance of success.
    1. If recovery is unsuccessful
    • If the recovery request is rejected, it can be retried up to two times per day after the cooldown, improving the details each time, as described in Account recovery unsuccessful.
    • If two-step verification was enabled and none of the verification methods are accessible, support agents are not allowed to override or reset this for security reasons. In that case, if the form continues to fail, the account may not be recoverable.
    1. Options to reach a human (chat)
    • Use the hacked-account Sign-in Helper from the official guide. When appropriate, it may offer chat with an agent or similar support options based on region and account type.
    • For Outlook.com accounts that are blocked or show unusual activity, the Sign-in Helper is also the entry point; if self-service fails, it can route to additional support where available.

    Because of Microsoft’s security model for consumer accounts, phone or chat agents cannot manually verify identity or change security details outside these automated flows. Escalation is only possible through the paths exposed by the Sign-in Helper and the recovery form.

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.