How to create an activity diagram for login

How to Recover Hacked or Tampered Microsoft Account

There are two reasons that could indicate that your account has been hacked.

  • You may have received a message from Microsoft saying “Help us secure your account”. This means that we have detected activity on your account that is unusual enough to take action to lock your account until you can take appropriate action.

  • You have seen activity like unauthorized charges, spam sent to your contact list, unknown names on your file share, etc.

If none of these apply to your situation, go to the If You Cannot Sign In to Your Microsoft Account website.

Follow these steps to regain control of your Microsoft account.

  1. Change your Microsoft account password

  2. Review sign-in activity for sign-ins that are not yours

  3. Check your account settings

  4. Protect your other online accounts

  5. Protect your Microsoft account for the future

Note:As an Xbox customer, you can find Solution for Compromised Xbox Account for a solution that is tailored to the way you interact with your console and account.

1. Change your Microsoft account password

The very first thing you should do to protect your account is change your password.

  1. Go to Account Recovery and enter the email address, phone number, or Skype name you use to sign in. Then choose Further.

  2. You will be asked where to send your security code. Choose Further.

  3. Enter the requested information and choose Send code.

  4. Enter the security code in Verify identity and then select Further.

  5. Give your New password a. Then confirm it by entering it again in the field Enter password again.

If you cannot change your password with a security code posted to your contact information, please complete the recovery form. Here are some tips on how to fill out the form.

Note:To protect your account, our employees have strict guidelines regarding assistance with your account. Microsoft support professionals cannot reset your password, provide account information without proper verification, or make changes to your account security on your behalf. Only you can reset your password and make security changes to your account.

What to do if I can't verify that I have the account

  • We recommend repeating it up to twice a day. You may find more information or remember something that can help.

  • You can always create a new account if you have problems with the recovery request and try again as soon as you remember something new that might help.

2. Check login activity for logins that you have not done

After you are signed in, you should check the recent activity on your account. If an activity is unfamiliar to you, choose That was not me so we can help you change your password if you haven't already.

Note:The location is based on the IP address and is approximate to protect your privacy. Pay attention to the consistency rather than the accuracy of the location.

  1. Switch to security > Login activity > View my activity.

  2. Due to the confidentiality of this information, we need to verify your identity with a security code. Select on the screen Protect your account select the method you want to use to obtain this code, then select Send code.

  3. Type in the screen Enter the code Enter the security code you received.

  4. Review the latest login activity for your account. If you see a fine successful login that you are unfamiliar with, run a scan with your security software and remove any malware you find. Then change your password again.

3. Check your Microsoft account settings

Check safety contact information: Remove any Security Contact information that the attacker may have added.

  1. On the Safety Basics page, select the button refresh information. If you're not already signed in to your Microsoft account, you'll be asked to sign in.

  2. You may be asked to enter a security code in order to continue the process. If you don't have access to your alternate email address or phone number, select I do not have this information and follow the instructions to share your safety information.

  3. Your security information is under Security settings displayed. Choose Remove to delete any information. You may need to add new security information before you can remove the old information.

Update Outlook.com email settings: Sometimes attackers change your email settings so that they can receive emails you send, or they set up automatic replies for incoming emails. Since this is a very common problem, Microsoft will reset these settings to the default options whenever it appears that your account has been compromised.

  1. Sign in to Outlook.com

  2. Select the Settings icon, then select Show all settings.

  3. Review the following settings and remove any unknown addresses or information that may have been added:

Remove a OneDrive share: Make sure that an attacker has not granted access to your files.

  1. Sign in to OneDrive.

  2. Select OneDrive in the left menu Approved .

  3. Review the folders and files you shared and see if any have been added or removed.

Check order history: Check the order history for unknown charges.

  • If you're seeing charges that you can't remember, check your apps and downloaded content to make sure the purchase wasn't made by a family member.

  • If you find that the charge is unknown to you, see How to deal with unexpected charges from Microsoft.

4. Protect your other online accounts

If an attacker can gain access to your username and password, they may be able to access any account for which you used that account. To be on the safe side, you should change your passwords on these other websites as well.

5. Protect your Microsoft account for the future

Check out our tips in Protect your Microsoft account. We recommend that you follow the rules of creating a strong password and use two-step verification and the Microsoft Authenticator app to keep your account more secure and sign in without passwords.

Adding security contact information makes it easy to recover the account in the event that someone takes control of the account or you forget your password. Security contact information is never used for marketing purposes. They are only used to confirm your identity.

Related articles

If you can't sign in to your Microsoft account
Close your Microsoft account
Protect your home computer
What to do if Microsoft charges unexpectedly