Share via

unauthorized access to my Microsoft account made unauthorized purchases of 9 X 64.94 on 2/23/26

Elie Haddad 0 Reputation points
2026-02-27T22:35:27.9666667+00:00

It seems that someone from a different country gained access to my Microsoft Account and used my saved ATM card of my account to place 9 orders of the same item @ $64.94 as gift cards sent to random email addresses, without my knowledge or consent. I only found out about these purchases when I checked my Bank account. The orders were made within 1 min of each other back to back to back. I do not have a need or even know what those items are, and I am not the one who placed these orders, and need help to investigate and refund/recover ~$580 of my money.

I have already changed my Microsoft account password. My Bank already cancelled my ATM/Visa card, and in the process of replacing it. I could use your help/instructions to make sure that my microsoft account will never again be hacked into and prevent any future unauthorized purchases by anyone else. Even in my family, I am the only person who is authorized to place any orders.

Microsoft 365 and Office | Microsoft Family Safety | For home | Windows
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Jeronimo Fuerte 35,230 Reputation points Independent Advisor
    2026-02-27T23:10:40.5033333+00:00

    Hi! The password change is a good start. You should also check that your contact methods remain the same here:

    https://account.live.com/proofs/manage/additional

    After that, close all your open sessions. You will need to log back in to all your devices, but it's safer this way:

    https://account.live.com/proofs/manage/additional

    After this, please review the next link to see if any apps that you don’t know have access to your account and delete them:

    https://microsoft.com/consent

    Finally, do this in Outlook from Edge:

    Sign in to Outlook.com

    Click on the gear icon (Settings) in the upper right corner.

    Look for and open Mail settings.

    Go to the Rules section and check if there are any rules you didn’t create. If there are any suspicious rules (for example: “forward everything to @.___” or “move everything to Deleted”), delete them immediately.

    Also check in Forwarding and IMAP and make sure there are no addresses added. If there is one and it’s not yours, remove the forwarding.

    0 comments
  2. Q&A Assist
    2026-02-27T22:35:50.08+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    Take these steps immediately to secure the account, stop further charges, and request refunds.

    1. Secure the Microsoft account
    • Go to the Security basics page and sign in.
    • Select Review activity and check the Recent activity page for sign-ins and purchases from unknown locations or devices.
      • For any activity that was not done by you, expand it and choose This wasn't me (for Unusual activity) or Secure your account (for Recent activity). This helps Microsoft flag the account as compromised and guide through securing it.
    • On the Security basics page, select Change password and set a strong, unique password that is not used on any other site.
    1. Confirm the account is not still compromised
    • If sign-in fails or it appears someone changed the password again, follow the steps in When you can't sign in to your Microsoft account and choose I think someone else is using my Microsoft account when prompted.
    • Complete the recovery process so only you control the account.
    1. Prevent unauthorized Microsoft Store purchases On each Windows device that might use this account, require a password for every purchase so nobody can buy items without explicit approval.

    Windows 11:

    1. Open the Microsoft Store app.
    2. Select Profile in the upper-right corner, then App settings.
    3. Turn off Purchase sign-in so that a password is always required for checkout.
    4. Repeat on every shared device.

    Windows 10:

    1. Open the Microsoft Store app.
    2. Select the profile icon in the upper-right corner, then Settings.
    3. Under Purchase sign-in, turn off I want to buy without a password, for faster checkout.
    4. Repeat on every shared device.

    If there are children or other family members using Microsoft devices, also:

    • Review and track their purchases using Keep track of your child's Microsoft Store purchases.
    • Configure spending limits and require adult approval for all purchases so that only the authorized adult can complete orders.
    1. Investigate and dispute the fraudulent charges
    • Review the Microsoft account Order history and match the 9 × $64.94 transactions with the bank statement.
    • For each unrecognized purchase, follow the guidance in what you can do about unexpected charges from Microsoft to investigate and dispute.
    • If needed, use the Microsoft Support contact options (chat or callback) described in the Q&A references to reach billing support and request that the fraudulent orders be cancelled or refunded. Support agents may ask to confirm that the payment method has been removed/blocked and that the password has been changed.
    1. Monitor for unusual sign-ins going forward
    • Keep alternate email and phone details up to date on the Security basics page so Microsoft can send alerts.
    • When an unusual sign-in email or SMS is received:
      • Sign in directly at the Microsoft account site (not via email links).
      • Use Review activity and mark any unknown activity as This wasn't me or Secure your account.
    1. If identity theft is suspected beyond Microsoft If the same card or personal information is being abused elsewhere (multiple services, banks, or merchants), treat it as possible identity theft and:
    2. File a police report and keep a copy for the bank and other institutions.
    3. Place a fraud alert on credit reports with a major credit bureau so new credit cannot be opened without verification.
    4. Close any accounts that were accessed or opened fraudulently and reopen with new passwords and PINs.
    5. Report the theft to the U.S. Federal Trade Commission at https://ftc.gov/idtheft or by phone.
    6. Report suspicious or fraudulent incidents to each affected service provider.
    7. Ongoing protection steps
    • Never reuse the Microsoft account password on other sites.
    • Regularly review the Recent activity page for unfamiliar sign-ins or purchases.
    • Ensure that only the authorized person knows the account password and that no one else in the household has it saved or shared.

    These steps together help secure the account, support refund/dispute of the unauthorized gift card purchases, and reduce the risk of future unauthorized access or charges.

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.