Share via

Overwritten saved e-mails

steve c 0 Reputation points
2026-03-10T21:53:52.2966667+00:00

Hi all

My e-mail was hacked and received loads of emails with the threats unless i pay,

Sorted my account out and stopped this by removing a rule / changing passwords etc

I still have an issue that all my saved e-mails (lots and lots of them) all are not showing overwritten with the threat post.

Does anyone know how to fix this ? (shows same on PC or Apple devices)

Thanks in advance

Outlook | Web | Outlook.com | Email
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Winnie-B 7,270 Reputation points Microsoft External Staff Moderator
    2026-03-11T04:45:25.5566667+00:00

    Hi steve c

    Thank you for reaching out to Microsoft Q&A Forum. From what you shared, I understand that you're facing issue with account compromises.

    In Outlook.com, individual email messages cannot normally be partially edited or reverted to a previous version by end users. If the original messages are no longer present and have been replaced with identical threat emails, this usually indicates the mailbox content itself was modified while the account was compromised.

    Unfortunately, Outlook.com does not support restoring a personal mailbox to an earlier point in time, and there is no built‑in recovery option once message content has been altered or removed from the server.

    • Review Deleted Items folder and use Recover items deleted from this folder (if available) to see whether any original messages are still recoverable.
    • If you had previously exported or backed up emails (for example, via a mail client or third‑party archive), restoring from that backup would be the only way to recover the original content.

    If you believe mailbox damage is ongoing even after securing the account, contacting Microsoft Support directly is recommended so they can review the account for abnormal activity at the service level. It may offer live chat and, depending on your subscription/region, an option to request a callback:

    • Go to Contact - Microsoft Support
    • Type a brief description of your issue in the search box.    
    • Click "Get Help", then scroll to the bottom and select "Contact Support”.
    • Choose the appropriate Products & Services/ Category.
    • Look for and select "Chat with a support agent in your web browser" (during business hours) or a similar callback option (if available). Explain your situation clearly.

    Please feel free to let me know how it goes. I truly appreciate your time and understanding.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".    

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

  2. Q&A Assist
    2026-03-10T21:54:06.8466667+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    When an Outlook.com account is hacked, attackers often:

    1. Create or modify rules so messages are moved, deleted, or overwritten.
    2. Change mailbox settings such as forwarding or connected accounts.

    Because the same view appears on PC and Apple devices, the changes are almost certainly in the mailbox on the server, not on a specific device. To try to recover or stop further damage, follow these steps in Outlook.com (web):

    1. Check and remove malicious rules
      • Go to Outlook.com in a browser and sign in.
      • Open Settings > Mail > Rules.
      • Delete any rule that moves, deletes, or modifies messages in a way you did not configure (for example, rules that move everything to a specific folder or RSS feed, or that reference suspicious names).
    2. Check forwarding and connected accounts
      • In Outlook.com, review:
        • Mail > Forwarding and remove any forwarding addresses you do not recognize.
        • Connected accounts and remove anything you did not set up.
    3. Review Archive, Junk, and other folders
      • Attackers sometimes move or copy messages instead of truly overwriting them.
      • Check Archive, Junk Email, and any custom folders to see if the original saved emails were moved there.
      • Also verify that filters are not hiding messages (in Outlook.com, select Filter above the message list and choose All so everything is shown).
    4. Secure the Microsoft account
      • Follow the compromised-account guidance to ensure the attacker no longer has access:
        • Scan all devices used to access the account for malware and clean them.
        • Change the Microsoft account password to a strong, unique one.
        • Turn on two-step verification (MFA) and update security info.
      • Then review account settings such as connected accounts, forwarding, and automatic replies as recommended.
    5. If messages truly were overwritten
      • If the original content of existing messages has been replaced on the server, there is no supported end-user method in Outlook.com to roll back mailbox contents to an earlier point in time.
      • After cleaning up rules and securing the account, any remaining “overwritten” messages will likely need to be handled manually (for example, deleting the threat copies and recreating or re-requesting important information from senders where possible).

    If this is a Microsoft 365 work/school mailbox rather than a personal Outlook.com account, an administrator may be able to investigate and remediate further using the guidance for compromised Microsoft 365 mailboxes.

    References:

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.