Share via

How can I STOP generated DRAFT EMAIL

S F1 0 Reputation points
2026-05-06T06:55:12.2866667+00:00

How to stop hacker who got access to my email, ad I can't stop him.

Outlook | Web | Outlook.com | Account management, security, and privacy
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ferdinand Nanalig 29,195 Reputation points Independent Advisor
    2026-05-06T07:32:25.2066667+00:00

    Hi! Let me help you.

    Have you tried signing out of your Microsoft account on all your devices?

    0 comments
  2. Q&A Assist
    2026-05-06T06:55:34.8466667+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    To stop a hacker-generated draft email and secure an Outlook.com account, perform a full cleanup of rules, forwarding, sessions, and app access, then secure the account and devices.

    1. Remove malicious rules and forwarding
      1. Sign in to Outlook on the web.
      2. Go to Settings → Mail → Rules and delete any suspicious rules (for example, rules that move mail, create drafts, or reference strange names like “Demon”).
      3. Go to Settings → Mail → Forwarding and remove any forwarding address that is not recognized.
    2. End active sessions and revoke app access
      1. Go to the Microsoft account recent activity page at https://account.live.com/activity to see where and when the account was accessed. If unknown locations or devices appear, mark them as “This wasn’t me” where available.
      2. Use the Microsoft account security options to sign out everywhere so any active hacker sessions are terminated.
      3. Open Manage app permissions for the Microsoft account and revoke any apps or add-ins that are not recognized; attackers often use these to maintain access.
    3. Check for additional attack mechanisms (if using Microsoft 365/Exchange Online) If the account is part of a Microsoft 365 subscription and there is admin access:
      1. In the Exchange admin center, go to Mail flow → Rules and look for suspicious rules that might auto-forward or manipulate messages; disable or delete them.
      2. Use PowerShell commands such as Get-InboxRule -Mailbox youraddress@example.com (run by an admin) to detect hidden or unusual inbox rules and remove them.
    4. Secure the account
      1. Change the account password again to a strong, unique password after cleaning rules and sessions.
      2. Ensure multi-factor authentication (MFA) is enabled and configured with trusted devices only.
      3. Add or update alternate email and phone information so the account can be recovered if compromised again.
    5. Protect devices and watch for further activity
      1. Run a full antivirus scan on all devices used to access the account and ensure operating systems are fully updated.
      2. Monitor the recent activity page regularly for unusual sign-ins.
      3. Inform contacts that the account was compromised so they can ignore suspicious messages.

    If access to the account is already lost (for example, the hacker changed security info and enabled an authenticator), use the official account recovery and hacked account guidance to attempt to regain control and remove attacker-added aliases or security info once access is restored.

    References:

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.