Share via

reoccurring hacked drafts in my inbox

Todd Oster 0 Reputation points
2026-05-21T17:53:49.95+00:00

My Outlook.com mailbox is generating drafts every few seconds even after password reset, 2FA, sign‑out everywhere, removing rules, removing devices, and clearing drafts. I need a mailbox state reset because the Drafts folder is regenerating due to a corrupted server‑side process.”

how to fix reoccurring hacked drafts in my inbox?

Outlook | Web | Outlook.com | Email

1 answer

Sort by: Most helpful
Most helpful Newest Oldest

  1. AI answer

    2026-05-21T17:54:20.13+00:00

    Reoccurring hacked drafts in Outlook.com are typically caused by leftover malicious rules, forwarding, connected apps, or active sessions rather than a corrupt mailbox state. To fully clean up the account, follow these steps in order:

    1. Verify the account is not blocked or compromised
    1. Run a full malware scan on all devices
    • Before changing anything else, scan every device used to access Outlook.com (PC, phone, tablet) with an up-to-date antivirus.
    • This ensures no malware or malicious add-in keeps injecting drafts or reconnecting to the mailbox.
    1. Reset password and confirm security info
    • After cleaning devices, change the Microsoft account password again using the official password change/reset options.
    • Review security info (phone, alternate email, authenticator) and remove anything not recognized.
    1. Clean up Outlook.com mailbox configuration Sign in to Outlook.com on the web and check:
    • Rules:
      • Go to Settings → Mail → Rules.
      • Delete all rules that are not explicitly created or recognized.
    • Forwarding:
      • Go to Settings → Mail → Forwarding.
      • Remove any forwarding addresses that are not recognized.
    • Automatic replies:
      • Go to Settings → Mail → Automatic replies.
      • Turn off any automatic replies that were not set intentionally.

    These are explicitly called out as items to review after a compromise because attackers often use them to automate messages and drafts.

    1. Sign out everywhere and remove device partnerships
    • Use the Microsoft account security page to sign out of all sessions.
    • For devices that sync Outlook.com, remove and re-add the account if drafts continue to appear only from a specific device.
    • If one device is causing issues, remove its partnership as described in the Outlook.com sync guidance.
    1. If drafts still regenerate, treat it as a compromised/hacked scenario
    • Use the hacked/compromised account recovery guidance again to ensure no lingering access:
      • Start with the sign-in helper tool: Start.
      • Follow the flow to either self-remediate or reach an agent.
    1. Contact Outlook.com support for mailbox-side investigation If drafts continue to regenerate after all the above steps, support needs to review the mailbox state on the server side:
    • In Outlook.com (web), select Help on the menu bar.
    • Enter the issue (for example, “reoccurring hacked drafts in Drafts folder”).
    • If self-help articles do not resolve the issue, scroll down to “Still need help?” and select Yes.
    • Choose the option to chat with a support agent in the web browser.

    If sign-in is not possible, use the alternate Outlook.com support entry point for non-signed-in users.

    Support can:

    • Confirm whether there are hidden rules, processes, or account blocks.
    • Escalate for deeper mailbox-side checks if needed.

    If the account was clearly hacked and automated drafts are part of the attack, also report it through the hacked/compromised account flow so the case is flagged correctly.

    References:

    AI-generated content may be incorrect. Read our transparency notes for more information.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.