How To Fix Hacked Office 365 Accounts Like A Pro


In the digital age where almost every business communicates via email, Outlook Office 365 became one of the most prevalently used applications across organizations. With its help, companies were able to exchange messages with their partners, colleagues, and clients without problems on a daily basis.

Evidently, internal and external communications became more convenient with Outlook. But because of its growing popularity in the business world, it gradually became one of the cyber-attack hotspots online. As you can see, hacked corporate email accounts can lead to serious problems when not resolved immediately. For this reason, it’s fundamental for organizations to learn the tell-tale signs of a compromised email account.

Tell-tale Signs That Your Office 365 Email Account Has Been Compromised

  • There are some emails missing in your inbox.
  • Your account sends unsolicited emails to other users without your knowledge.
  • You notice that there are existing rules in your inbox that you didn’t create. Usually, these rules are set to automatically forward emails to unknown addresses.
  • Your display name is different in the Global Address List.
  • Your mailbox is blocked from sending a message.
  • Unusual changes or updates were made to your profile name, telephone number or postal code.
  • Unusual credential changes.
  • Mail forwarding gets added in your account without you knowing.
  • There is an unusual signature added to your account.

When you spot any of the signs mentioned above, it’s best to investigate using the Microsoft Office 365 Security and Compliance Center. You can also use the Azure Portal to get the tools you need to investigate unusual user activity in your account.

Best Way to Secure and Restore Your Email Function

Even when you’ve regained access to your account, there’s no certainty that it’s safe unless you perform these steps recommended by IT experts. Cybercriminals can still continue to control your account by adding back-door entries. Hence, it’s essential that you follow this guide to secure and restore your Office 365 email function accordingly.

Step 1: Reset Your Password

  1. Go to your Microsoft 365 admin center.
  2. Click on Users and then on Active Users.
  3. Select your user account.
  4. Click Reset password.
  5. After that, type in your new password.

If you want to lessen the chances of cybercriminals hacking your account, see to it that the new password you set is strong and complex. Aside from that, it’s also recommended that you enable the Multi-Factor Authentication feature in Office 365. By doing that, you will be able to prevent compromise for all accounts, including those that have administrative privileges.

Step 2: Remove The Suspicious Email Forwarding Addresses

  1. Open your Microsoft 365 Admin center then go to Active Users.
  2. In there, find the suspected user account and expand its Mail Settings.
  3. To remove these email forwarding addresses, click Edit.
  4. Once you do that, you’ll be able to get rid of suspicious forwarding addresses immediately.

Step 3: Disable The Suspicious Rules You Find in Your Inbox

  1. Using Outlook on the web, sign in to your mailbox.
  2. After that, click on the gear icon and then click Mail.
  3. Select the Inbox and sweep rules option and then review the rules set.
  4. Once you’ve determined the suspicious rules, disable or delete them.
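
Steps 2 and 3 can also be checked from Exchange Online PowerShell. The script below is an added example, not part of the original guide: it lists mailbox-level forwarding and inbox rules that forward or redirect mail outside your domains (or delete incoming mail), and changes something only when run with -Remediate. The parameter names are illustrative, and it assumes the ExchangeOnlineManagement module and an Exchange administrator role.

```powershell
# Added example (not from the original article). Parameter names are assumptions.
param(
    [Parameter(Mandatory)] [string]   $User,             # e.g. user@example.com
    [Parameter(Mandatory)] [string[]] $InternalDomains,  # e.g. example.com
    [switch] $Remediate                                  # off = read-only audit
)

Connect-ExchangeOnline -ShowBanner:$false

# Step 2: forwarding configured on the mailbox itself.
$mbx = Get-Mailbox -Identity $User
$hasForwarding = $mbx.ForwardingAddress -or $mbx.ForwardingSmtpAddress
$mbx | Format-List ForwardingAddress, ForwardingSmtpAddress, DeliverToMailboxAndForward

# Step 3: inbox rules that send mail out of the organization or delete it.
$suspect = foreach ($rule in (Get-InboxRule -Mailbox $User)) {
    $targets = @($rule.ForwardTo) + @($rule.ForwardAsAttachmentTo) + @($rule.RedirectTo)
    # External recipients are rendered as: "Name" [SMTP:address@domain]
    $external = foreach ($t in $targets) {
        if ("$t" -match '\[SMTP:[^@\]]+@([^\]]+)\]' -and
            $InternalDomains -notcontains $Matches[1]) { "$t" }
    }
    # Flagging DeleteMessage is an assumption tied to the "missing emails" sign.
    if ($external -or $rule.DeleteMessage) {
        [pscustomobject]@{
            Name            = $rule.Name
            Enabled         = $rule.Enabled
            Identity        = $rule.Identity
            DeletesMail     = $rule.DeleteMessage
            ExternalTargets = $external -join '; '
        }
    }
}
$suspect | Format-Table Name, Enabled, DeletesMail, ExternalTargets -AutoSize

if ($Remediate) {
    if ($hasForwarding) {
        # Clear both forwarding fields and stop forward-and-deliver.
        Set-Mailbox -Identity $User -ForwardingAddress $null `
            -ForwardingSmtpAddress $null -DeliverToMailboxAndForward $false
    }
    foreach ($r in $suspect) {
        Disable-InboxRule -Identity $r.Identity -Confirm:$false
    }
}

Disconnect-ExchangeOnline -Confirm:$false
```

Run it without -Remediate first and review the listed rules, since a user may have legitimate rules that delete mail.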

Step 4: Unblock Your Mailbox from Sending Mail

  1. Use an account that has access to Office 365 global administrative privileges and then sign in to Office 365 Security and Compliance Center.
  2. After doing this, you will see Threat Management in the list on the left. Expand this and then click Review.
  3. Click Restricted Users. In there, you will find a list of users that have been blocked from sending emails outside the organization.
  4. Look for your user account and then click Unblock.
  5. Taking into account that the Office 365 account you wish to unblock is really compromised, the app will give you recommendations on how to deal with your account when worse comes to worst. Once you’re done going through this, click Next.
  6. Click Unblock user.
  7. Click Yes to confirm the changes you made.

Step 5 (Optional): Block Your Account from Signing-In

If you’re uncertain whether it’s safe to access your account or not, you can block it from signing-in until such time you think it’s safe to do so.

Here’s how you can do this easily:

  1. Open your account’s Microsoft Office 365 admin center.
  2. Select Users.
  3. Select your account in the user pane and then click the Edit option you find next to its Sign-in status.
  4. Choose Sign-in blocked on the Sign-in status pane and then click Save.
  5. In the lower-left navigation pane of the Admin center, expand Admin Centers and then click Exchange.
  6. Navigate to Recipients and then select Mailboxes.
  7. Select your user account and then, on the user properties page, click the Disable option under Mobile Devices.
  8. Once you’re done disabling, click Yes to confirm your action.
  9. Click Disable under Email Connectivity and then answer Yes to the next pop up.

Step 6 (Optional): Remove Your Account from Administrative Role Groups

  1. Open your global administrator account’s Microsoft 365 admin center.
  2. Click Active Users and then look for your compromised account in the list. Check whether there are administrative roles assigned to the account or not.
  3. Open Security and Compliance Center.
  4. Click on Permissions.
  5. Review groups manually to see if your hacked account is a member of any administrative groups. Click Edit Role Group and then Edit to remove your user account’s role.

Don’t worry, you’ll be able to restore your administrative role easily once your account is secured.

Tips On How to Protect Your Email Account from Being Hacked

Now that you know how to respond when your email account gets compromised, it’s time that you learn how to protect yourself from these security breaches online. You have to keep in mind that it’s not enough to have a contingency plan when things go wrong. If you want to ensure your company’s continuity and IT security, you have to take preventive measures to fend off cybersecurity threats.

In order to achieve this, here are some tips that you can follow:

Utilize Password Managers to Generate Strong Passwords

One of the best ways to create a strong password for your account is by using a reputable password manager application. With the app’s assistance, a strong and unique password will be generated randomly. Through that, you will be able to lower the chances of your password being stolen by hackers.

Change Your Password Frequently

Other than generating strong passwords, it’s also crucial that you change your password frequently. In addition, it’s also recommended by IT professionals that you don’t reuse old passwords to ensure your account’s security. By changing your password regularly, you will give hackers a hard time when they attempt to compromise your account, strengthening your email account’s protection from security threats.

Be Mindful of the Links You Click in Your Email 

It has been renowned all over the world that one careless click can trigger cyberattacks and cause the downfall of your company. That’s why it’s vital that you’re mindful of the links and attachments you click while using your email account.

Oftentimes, hackers disguise malicious emails to look legitimate in order to deceive end-users. For this reason, it has been established as a general rule to never download links or open attachments from unknown senders.

Make Sure to Install a Strong Antivirus Application on Your Device

Aside from taking extra precautionary measures while using your email account, it’s also critical that you install a reliable antivirus app on the device you’re using to access them. With the help of these apps, you’ll be able to enjoy real-time protection from phishing and malware attacks. Hence, it is undeniable how much easier it is for companies to protect confidential information when they have good antivirus in place.

Update Computer and Smartphone OS Regularly

Beyond any doubt, software developers are still susceptible to errors. For this reason, it has been well-known that there is no such thing as flawless software. Although this is true, developers still strive to release updates and patches regularly to correct the security holes and vulnerabilities that they overlooked. Hence, it’s important to update your computer and smartphone operating system regularly. By doing this, you’ll be able to benefit from the software’s security improvements.

The ones mentioned above are just some of the many ways you can protect your Office 365 email account from hackers. With the help of IT professionals from managed IT services in the Philippines like House of IT, you’ll be able to have the IT security necessary to strengthen your company’s defenses from these security breaches. Aside from that, they will also help you protect your Office 365 email account from hackers that wish to steal sensitive company information. Contact House of IT now to avail of their services.