What Should I Do If My Microsoft / Hotmail account was hacked!
If you suspect your Microsoft / Hotmail account has been hacked but you still have access to the account, do the following (and quick!):
1. If your Outlook / Microsoft / Hotmail account was hacked, there’s a good chance your personal information was leaked through your emails…
Start by checking if you have personal, sensitive information exposed in your emails – because most hacks start with an email.
Do it using this free tool to find and help you remove exposed passwords, credit cards, bank and social security numbers in your email account, and keeping you safe.
The tool will keep you safe by removing any and all private data putting you at risk for credit card and identity theft. So if hackers hack your inbox, they won’t find what they’re looking for, and you’ll be protected.
You can also notify friends who sent or received the risky email, and ask them to delete the thread. Once you’ve managed your email, you can now deal with your account.
Change your password
Go to https://www.microsoft.com/en-us/account/ and sign in.
change your password.
Choose a complex password with a combination of at least 8 lowercase letters, uppercase letters, and numbers.
If possible, add special characters like a hash or exclamation point.
It’s best not to pick words that appear in the dictionary. Note that you will be required first to fill in a CAPTCHA.
Check your security info
Check the account recovery email and phone number on the Security settings page, https://account.live.com/Proofs/Manage, and verify that they were not changed.
Replace the recovery code
Microsoft provides a recovery code for use in the event that access to your security information is lost (and they recommend printing and storing this code as a hardcopy).
A hacker with access to your account may change your recovery code as a simple way to regain control over your account after you have changed your password.
To replace the code, scroll down to Recovery code on the Security settings page.
There, click on Replace recovery code to receive a new code. We recommend that you follow Microsoft’s advice and print it.
Remove all trusted devices associated with your Microsoft / Hotmail account
When you use a trusted device, you do not need to enter a passcode to access the account.
To ensure that the hacker has not set up such a device, on the Security settings page, scroll down to Trusted devices and click on Remove all the trusted devices associated with my account.
Change alert settings
We recommend that you verify that alerts are turned on by clicking on Change alert options on the Security settings page and making sure that the checkbox next to your mobile phone number is checked.
Check active sessions
Go to https://account.live.com/Activity to check which devices are currently logged in to your account. You may be required to provide a one-time password, which will be sent to your mobile phone in a text message.
Microsoft will require you to provide the last 4 digits of the phone number to prove that you know the number and that the corresponding phone is in your possession.
After entering the password, you may be asked whether you’re interested in installing Microsoft’s mobile authentication app.
Click on No, Thanks. (We do recommend installing this, but it’s not essential that you do this right now. If you think your account is compromised, then fixing that should be your sole focus.)
If you see any unfamiliar devices logged in to your account or an unfamiliar location, click on it to inform Microsoft.
Check your Microsoft / Hotmail account activity
Go to your Outlook account and check the sent items and the trash to make sure that the hacker didn’t impersonate you and send out emails to your contacts.
Go over any other accounts that take advantage of your Microsoft account (such as Skype or Office Online) and make sure nothing has been changed.
Check your other accounts
If you are using the same password for other websites, change it on these services immediately.
Make sure you are still able to log in to these services.
Attackers often exploit password re-use (a bad idea but a common practice) to gain access to additional accounts!
Don’t forget to check for exposed information in all your email accounts too! Safely do it for free with this tool.
Run an antivirus on your computer
Run an antivirus to find any malware that may have been installed on your computer.
Attackers often obtain a victim’s passwords by installing a Trojan horse.
If your machine is infected, changing the password will not be enough, since the malware will capture the new password and send it to the hacker.
Activate two-step verification
To make your account even more secure, enable two-step verification on your Microsoft account here: https://account.live.com/proofs/EnableTfa?mkt=en-gb
Whenever you sign in, Microsoft will require you to provide a unique code that will appear on your mobile device’s identity verification app.
This provides you with an important and effective extra layer of security.
Sure, it’ll add 15 seconds to your login time, but it’ll save you thousands of seconds later on if you end up getting hacked!