how to fix issue

Question

i was hacked draft e mails were sent to me threatening me and i have lost hundreds of e mails. what to do?

Answer 1

Hello,

I am going to share with you the comprehensive list of things to do, please feel free to skip those you already did. This process can take a bit time, so please be patient as you go through it.

Please complete these steps on a computer, not on a smartphone or tablet.

====================

First, go to https://www.outlook.com and sign in.

Click the gear icon in the top right corner to open Settings.

Under Mail, review the following areas:

Rules

If any rules are listed, delete all of them.

Conditional formatting

If anything is set up there, delete it.

Forwarding and IMAP

If you see any entries or settings you did not create, remove them. Turn off POP and IMAP.

Junk

Review Safe sender and blocked list. If you don't recognize any, remove them.

After that, exit Settings and return to outlook.com.

Open the To Do section by clicking the blue checkmark icon on the left side. Delete anything there that was not created by you.

====================

Go to https://account.live.com.

Under Your info > Sign-in preferences, review all aliases on the account. If you see any alias you do not recognize, remove it.

Next, go to the Devices section of your Microsoft account and remove any devices you do not recognize.

====================

Please also do the following in Security section

Change your password

Enable two-step verification

====================

Go here https://account.microsoft.com/privacy/app-access Click on "Don't allow" for anything you don't recognize.

=======================

Then go to Security > Manage how I sign in and make sure all contact information belongs to you.

On that same page, scroll down to App passwords and remove any existing app passwords.

Also on the same page, click on Sign out everywhere. This is intended to disconnect any active sessions that may still be connected. Please note that this can take up to 24 hours to fully take effect.

====================

In addition, this problem can sometimes be caused by a malicious script or infection on one of your devices.

Are you using a Windows computer to check email? Do you use an email app such as Outlook Classic or New Outlook?

If so, please open the app and remove the account from the app settings.

Then go to the Microsoft Safety Scanner download page:

https://learn.microsoft.com/defender-endpoint/safety-scanner-download

Download the 64-bit version, run a full scan, and let me know what the final results say.

Answer 2

Hi Tito,

This type of message is very commonly a phishing or extortion scam email. Microsoft explains that scammers often send threatening messages designed to scare people into paying money or revealing information. These emails may claim your account was hacked, include an old password, or pressure you to act quickly.

According to Microsoft guidance, phishing emails often show warning signs such as urgent threats, requests for payment, strange sender addresses, or poor grammar, and they try to create panic so people respond quickly.

If you receive one of these messages, Microsoft recommends:

• Do not reply or send money.
• Do not click links or attachments in the email.
• Report the email as phishing or spam and delete it.
• Change your password and enable two-factor authentication to secure your account.

You can also review your recent account activity and change your password from the Microsoft security page if you want extra assurance that no one accessed your account.

For more information, you can refer to these links:

https://support.microsoft.com/en-us/windows/protect-yourself-from-phishing-0c7ea947-ba98-3bd9-7184-430e1f860a44

https://support.microsoft.com/en-au/topic/what-to-do-if-your-email-address-is-leaked-e85361c2-024d-43f6-93f6-aea41cf48073

Answer 3

Follow these steps to contain the hack, stop the threatening drafts, and try to recover lost mail.

1. Secure the Microsoft account immediately

• Go to the Microsoft account security page and change the password to a strong, unique one. Do not reuse any old password.
• Turn on multi‑factor authentication (MFA) for the account on all services that support it. MFA blocks most password‑based attacks.
• If the phishing or hack involved other accounts (bank, shopping, social media), change those passwords as well and enable MFA there too.

2. Check for ongoing compromise in Outlook.com

• Sign in to Outlook on the web.
• Check for malicious rules:
  • Go to Settings → Mail → Rules and delete any rule you don’t recognize (for example, rules that move messages to Junk/Notes/RSS or auto‑forward mail).
• Check for forwarding:
  • Go to Settings → Mail → Forwarding and remove any forwarding address you don’t recognize.
• Check recent sign‑in activity:
  • Visit the Recent activity page at https://account.live.com/activity to see where and when the account was accessed in the last 30 days. If there are sign‑ins you don’t recognize, follow the guidance there to secure or close the account.

3. Clean up devices used to access the account

• On every PC/phone/tablet used with this email account:
  • Make sure the operating system is fully updated.
  • Run a full, up‑to‑date antivirus scan.
• If the threatening drafts started after using a new device, strongly consider backing up important data and doing a factory reset on that device.

4. Stop interacting with threatening/phishing emails

• Do not reply, click links, open attachments, or call any phone numbers in those threatening drafts or emails.
• In Outlook.com, mark such messages as junk/phishing so filters can block similar messages.
• If money, identity theft, or blackmail is involved, collect details (screenshots, message text, dates) and report to local law enforcement.

5. Try to recover missing or moved emails

• In Outlook.com, check:
  • Deleted Items and Recover items deleted from this folder (if available) to restore messages.
  • Archive folder for messages that may have been archived instead of deleted.
  • Other folders and rules as above, in case a hacker created rules to hide mail.

6. If the account is still inaccessible or behavior continues

• Use the official Microsoft account recovery helper to regain access if locked out: follow the steps in How to recover a hacked or compromised Microsoft account.
• If the recovery form fails or there are service errors, wait for any lockout period to expire and try again, providing as much accurate information as possible (old passwords, contacts, subject lines).

7. Protect against future attacks

• Use strong, unique passwords for every important account and store them in a password manager.
• Be extra cautious with emails that:
  • Create urgency or fear.
  • Ask to click a link, open an attachment, or provide passwords/payment.
• If unsure about a message, verify with the sender via a known, separate channel before acting.

If the threats mention extortion, blackmail, or identity theft, report them to local law enforcement in addition to securing the account.

---

References:

• Help protect your Outlook.com email account
• Respond to a compromised cloud email account
• Protect yourself from phishing
• What to do if your email address is leaked
• Phishing and suspicious behavior in Outlook
• Email is missing from your Outlook.com inbox
• How to recover a hacked or compromised Microsoft account