14 steps to x a hacked Microsoft 365 account

Download 0.77 Mb.
View original pdf
Size0.77 Mb.
1   2   3   4   5   6
14 steps to fix a hacked Microsoft 365 account - GitBit
dropdown. Click Open.
3. Click the settings gear in the top right > View all Outlook settings.
4. Go to Rules > Click the trash can next to every rule that you want to delete. Click OK.

Before you remove your delegated permissions you should check for mail forwarding. The steps are below.
8. Review mail forwarding
Another thing hackers like to do when they gain access to your mailbox is setup mail forwarding. In short, they may use your account to send phishing attacks to other organizations and request information from other people. So we'll need to disable any mail forwarding the hacker has setup. Open Outlook OWA
> Click your pro le icon in the top right. Click Open another mailbox.
2. Type the user's display name in the box provided. Click the user that appears in the
dropdown. Click Open.
3. Click the settings gear in the top right > View all Outlook settings.
4. Click Forwarding > uncheck Enable forwarding. Click Save.
Don't remove those permissions just yet. If you did nd an inbox rule or a forwarding rule we'll need to undo the damage!
9. Move any emails that were deleted/moved to anew folder
In short, you'll need to move any emails that were deleted or moved to another folder back to the original location. Typically, the original location is the inbox but I'd recommend checking with the user to see if anything else moved or is out of place.
10. Review audit logs to see if the malicious actor did anything
Typically, performing everything above is a good measure to undo the damage and access to the malicious user but you never know. Take a quick gander at the audit logs to verify. Especially, if

the user account that was compromised was an admin account. The hacker may have dropped in another account and assigned an admin role to it. Go to the Microsoft 365 Defender admin center >

Download 0.77 Mb.

Share with your friends:
1   2   3   4   5   6

The database is protected by copyright ©ininet.org 2022
send message

    Main page