how to fix hacked email

Question

my email was hacked on friday 6th march 2026 i manged to get back into my account but now they whoever hscked my account have put something on my server so every morning i wake up to loads of emails addressed to me and asking for money and they know my passwords. i also cannot see any of my old emails from years ago some are sentimental vaule how do i get help to see what they have done to my hotmail account i cannot get through to anyone to help im getting so stressed need help

Answer 1

Hi, I'm John! I will help you with this.

About the persistent draft being credited:

If you haven't tried anything yet, please start by running a full antivirus scan on your computer using Windows Security and any third-party antivirus software you have.

Run a full deep scan using a trusted security tool:

• Download and run Microsoft Safety Scanner here: https://learn.microsoft.com/defender-endpoint/safety-scanner-download
• After running the scan, please restart your PC and monitor whether the issue continues.

---

To be safe, I recommend the following steps:

Check your account rules and forwarding settings, hackers create rules that automatically forward or delete emails. You can do this in Outlook settings under Mail > Rules and Forwarding. https://support.microsoft.com/office/manage-email-messages-by-using-rules-in-outlook-c24f5dea-9465-4df4-ad17-a50704d66c59

Just to be safe, I’d recommend to sign out everywhere. Visit: https://account.live.com/proofs/manage/additional Scroll down to Sign me out and select "Sign me out".

• After signing out everywhere, please monitor if the issue persists in the coming hours.

---

"How to help keep your Microsoft account secure" https://support.microsoft.com/account-billing/how-to-help-keep-your-microsoft-account-secure-628538c2-7006-33bb-5ef4-c917657362b9

---

I really hope this information is helpful! Let me know if you have any further questions or concerns.

Regards,

John J.D.

Answer 2

Follow these steps in order to secure the Outlook.com/Hotmail account and stop the ongoing abuse. Some actions are on the PC/phone, others in the Microsoft account and Outlook.com.

1. Clean all devices used with this account Before changing passwords, remove any malware that could be capturing passwords or controlling the mailbox.

• On Windows 10/11 or 8.1, open Windows Defender (Microsoft Defender):
  1. Select Start.
  2. Search for Windows Defender or select it from the menu.
  3. Make sure protection is turned on and run a full scan of the system.
• If another antivirus is installed, update it and run a full scan.
• Do the same on any other device used to sign in (phone, tablet, other PCs).

Do not skip this step; Microsoft explicitly recommends scanning for malware before changing passwords.

2. Change the Microsoft account password Once devices are clean:

• Sign in to the Microsoft account and change the password using the official flow described in How to recover a hacked or compromised Microsoft account.
• Use a strong, unique password that is not used on any other site.
• If sign-in fails, use the password reset option and follow the hacked/compromised account guide.

3. Turn on and strengthen security (MFA)

• Go to the Security basics page for the Microsoft account and enable multi‑factor authentication (MFA) if it is not already on.
• Add and verify alternate email and mobile phone as security info so recovery is easier in the future. See the guidance under “Add an alternate email address and mobile phone number to your account.”

4. Review recent activity and confirm what was not you

• Open the Recent activity page (linked from Security basics or directly as described in the “Check your account's recent activity” and “Notify us if you don't recognize activity on your account” sections).
• Look for sign‑ins or security changes you do not recognize.
  • If an event appears under Unusual activity, expand it and select This wasn't me.
  • If it is under Recent activity, expand it and select Secure your account.
• Follow any prompts to further secure the account.

5. Clean up Outlook.com mailbox rules, forwarding, and auto‑replies Hackers often create rules or forwarding to keep control or send blackmail emails. In Outlook.com on the web:

• Go to Settings → Mail → Rules:
  • Delete any rule you do not recognize (especially ones that move mail to folders, delete mail, or create drafts automatically).
• Go to Settings → Mail → Forwarding:
  • Remove any forwarding address you did not set up.
• Go to Settings → Mail → Automatic replies:
  • Turn off automatic replies or remove any text you did not create.

Microsoft specifically recommends checking connected accounts, forwarding, and automatic replies after a compromise.

6. Sign out everywhere and remove suspicious apps

• From the Microsoft account Security area, use Sign out everywhere (or equivalent option) to invalidate all active sessions so the attacker is kicked out.
• Review app permissions (connected apps and services) and revoke any that are not recognized.

7. Protect against future attacks and email floods

• Treat all new blackmail or money‑demand emails as malicious. Do not reply or pay.
• Use Outlook.com’s spam/phishing reporting:
  • Mark such messages as junk or phishing to help tune filters, as described under “Tune your filters.”
• Be extra cautious with links and attachments, especially those creating urgency or fear.

8. About missing old emails The context provided does not describe a guaranteed way to restore deleted historical mail. However:

• After cleaning rules and forwarding, check Deleted Items and Archive folders in Outlook.com for older messages that may have been moved.
• If messages were recently deleted, some may still be in Recover items deleted from this folder (in Deleted Items) depending on Outlook.com retention.

9. If sign‑in or unblocking fails If the account becomes blocked again due to unusual activity:

• Use the Sign‑in Helper / Unblock my Outlook.com account flow to unblock the account and follow the guidance in the “Unblock my Outlook.com account” article.
• If password reset or unblocking does not work, follow the steps in When you can't sign in to your Microsoft account linked from the unusual sign‑in and unblock articles.

10. Inform contacts and monitor

• From a safe email account or other channels, warn close contacts that the Hotmail address was compromised and they should ignore suspicious messages from it.
• Continue to monitor Recent activity and mailbox rules for a few days to ensure nothing new appears.

If the attacker changed passwords on other sites using the same password, change those passwords as well and enable MFA where possible.

---

References:

• How to recover a hacked or compromised Microsoft account
• Hello , welcome to Account help & learning
• Unblock my Outlook.com account
• Help protect your Outlook.com email account
• What to do if your email address is leaked
• What happens if there's an unusual sign-in to your account
• My personal hotmail account hacked by hacker with authentication app enabled. - Microsoft Q&A
• hello my email was (Moderator note: PII removed)@icloud.com and now its (Moderator note: PII removed)@jerkoffmail.com can please someone help me and the team change it my username in xbox is (Moderator note: PII removed) please help me team and change it - Microsoft Q&A
• Cannot Access Microsoft Account After Hacker Changed Email, Advice Needed - Microsoft Q&A
• I have seen great advice for deleting the idtienphuoc1 Rule but none for stopping it from re-adding itself - Microsoft Q&A
• Hacker set up continuous draft ransomware email - Microsoft Q&A