Share via

MY email ID [Moderator Note: Personal Info Removed]@hotmail.com is compromised

Arindom Saha 0 Reputation points
2026-03-06T06:44:58.61+00:00

All email id [Moderator Note: Personal Info Removed]@hotmail.com is compromised. All email are corrupted in outlook. I have created a new alias but it's still the same. How can you help me? I have office 365 subscribson. how to fix that?

Please refer the attachment.

Regards,

[Moderator Note: Personal Info Removed]

Outlook | Web | Outlook.com | Email
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Chloe-V 7,265 Reputation points Microsoft External Staff Moderator
    2026-04-14T13:37:20.81+00:00

    Hi Arindom Saha,

    Welcome to Microsoft Q&A forum. 

    Please note that our forum is a public platform, and we will modify your question to hide your personal information in the description. Kindly ensure that you hide any personal or organizational information the next time you post an error or other details to protect personal data.

    I’m very sorry that you’re experiencing this issue. I understand how stressful it can be when your email account has been compromised and you can no longer trust what you are seeing in Outlook.

    Please note that this is a user-to-user support forum. Moderators, contributors including external Microsoft employees cannot directly intervene in Microsoft product features or access back-end systems. Our role is limited to providing technical guidance on reported issues, requests, or ideas only.

    In cases where an account has been compromised, creating a new alias usually does not resolve the issue, as the alias is still linked to the same underlying Microsoft mailbox.

    Therefore, since this is a personal Hotmail/Outlook.com account, the supported method provided by Microsoft to regain control of your account is to submit the Microsoft Account Recovery Form (ACSR): https://account.live.com/acsr

    To improve the chances of successful verification, please ensure that you:

    • Use a different contact email address that you can access so Microsoft can send updates regarding your recovery request.
    • Provide as much accurate information as possible, such as any previous passwords you remember, subject lines of recently sent emails, names or email addresses of frequent contacts, and any Microsoft purchase or subscription details linked to this account.

    You may also refer to the official guidance here: How to recover a hacked or compromised Microsoft account

    After submitting the form, please follow the instructions sent by Microsoft to your contact email address.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread. 

    0 comments
  2. Q&A Assist
    2026-03-06T06:45:23.4966667+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    The symptoms described match a compromised Microsoft account and mailbox. Creating a new alias does not remove the compromise; the account itself must be secured and cleaned.

    Follow these steps in order:

    1. Secure the Microsoft account
    • Immediately change the account password to a strong, unique password that is not used anywhere else.
    • If the account is synced from on‑premises Active Directory or federated, the password must be changed in the on‑premises environment first, then synced to Microsoft 365.
    • Delete and recreate any app passwords that might be in use, because app passwords are not automatically revoked when the main password is changed. See Manage app passwords for two-step verification.
    1. Enable and enforce multifactor authentication (MFA)
    1. Revoke all active sessions Attackers may still be signed in even after the password change.

    On a machine with PowerShell:

    1. Open PowerShell as Administrator and run: 
         Set-ExecutionPolicy RemoteSigned
    2. Install Microsoft Graph modules if needed: 
         Install-Module Microsoft.Graph.Authentication
   Install-Module Microsoft.Graph.Users.Actions
    3. Connect to Microsoft Graph: 
         Connect-MgGraph -Scopes User.RevokeSessions.All
    4. Revoke sign‑in sessions for the compromised account (replace <UPN> with the Hotmail/Microsoft 365 sign‑in address): 
         Revoke-MgUserSignInSession -UserId <UPN>

    This invalidates existing tokens and forces all devices (including the attacker) to re‑authenticate.

    1. Clean up malicious rules and forwarding Compromised Outlook/Outlook.com accounts often have hidden rules or forwarding configured that corrupt or move mail.

    In Outlook on the web (Outlook.com / Outlook Web):

    • Check Settings → Mail → Rules and delete any suspicious rules (for example, rules that move all mail to Junk, Notes, RSS, or delete/forward messages).
    • Check Settings → Mail → Forwarding and remove any unknown forwarding addresses.

    If using Microsoft 365 with admin access:

    • In Exchange Admin Center, review Mail flow → Rules for any rules targeting this mailbox.
    • Use PowerShell (for admins) such as Get-InboxRule -Mailbox user@example.com to identify and remove hidden or malicious rules.
    1. Verify mailbox integrity and symptoms Common compromise symptoms include:
    • Missing or deleted email.
    • Suspicious messages in Sent Items or Deleted Items.
    • Inbox rules that forward or move messages to unexpected folders.
    • External forwarding recently enabled.
    • Suspicious signatures or changes to contact information.

    If these are present, remove the malicious configuration as above and restore mail from Deleted Items or Recoverable Items where possible.

    1. Recover a hacked Microsoft account if sign‑in is blocked If sign‑in is blocked or recovery prompts appear:
    1. Do not rely on aliases as a fix
    • Changing or adding an alias does not remove malware, malicious rules, or attacker sessions.
    • Aliases only change how the account is addressed; the underlying mailbox and security context remain the same.
    1. If mail remains “corrupted” after cleanup
    • Confirm all suspicious rules and forwarding entries are removed.
    • Verify that new mail behaves normally (arrives in Inbox, not auto‑deleted or altered).
    • If issues persist, sign in via Outlook on the web to see if the problem is only in the Outlook client profile; if so, recreate the Outlook profile and resync.

    If the account is a consumer Outlook.com/Hotmail account (not managed by an organization), and access or recovery fails, use the recovery helper and, if needed, contact support as described in the recovery article.

    References:

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.