My Office 365 Account may have been hacked

This question is answered This question is answered

My Office 365 account may have been hacked as a number of spam messages appear to have been sent from my account (even though they are not in my sent items).

Doign some digging someone is sending via SMTP using my email address and the servers are sending it.

 

How can I report this to Microsoft and get it investigated and stopped?

 

It's coming from a City Telecom IP in Hong Kong and sent via a Microsoft Hotmail IP address.

 

This happened previously and I changed my passwords, now it is happening again.

 

thanks in advance

 

Andrew

Verified Answer
  • Hello Andrew,

    Here's the results of the FOPE check (with the appropriate blanked out here in public):

    As you can see, no mail has left FOPE to the designated recipient.  Someone may be spoofing your email address (which, unfortunately, is out of our control), but the actual mails being sent out are not going through FOPE/Microsoft.

All Replies
  • You should first of all scan your PC and any PCs in your network to make sure that it's not infected with any malware that would have steal your O365 account credentials.

    After that, changing the password in a clean- malware free PC is going to solve this, because then that person will not be able to authenticate with your account again.

  • thanks Chris

    Sorry, I dont think I made my self clear, let me see if I can clarify.

    I have previously changed my passwords on a clean machine. I dont think someone is signed in as me or is using my account, but they seem to be sending emails directly via the SMTP service, bypassing my account, but sending as me, and only to certain email address (ones that I dont have in my address book).

    these sent emails are not appearing in my sent items. I have the header information that I can supply.

    What I need is for Microsoft to investigate this and how it is happening and to try and stop it from happening again.

    hope that clarifies?

    all the best

    Andrew

  • In order to use the mail services for O365 an account must be first authorized - logged-in with the credentials in order to be able to send e-mails - so what you're describing of 'bypassing my account' cannot be done.

    MS O365 support is going to be helpful only in case you have an enterprise plan subscription.

    Someone might be forging your e-mail address for example, but that's something else and doesn't have to do with the O365 services directly.

  • Hello Andrew,

    Your post was responded to in a private message.

    • Please go to the Your Details section on the right side of the community site.

    • Click Private messages.

    • Click the subject title of the response to read the message.

    • You can reply by using the form in this display.

  • Hello Andrew,

    Here's the results of the FOPE check (with the appropriate blanked out here in public):

    As you can see, no mail has left FOPE to the designated recipient.  Someone may be spoofing your email address (which, unfortunately, is out of our control), but the actual mails being sent out are not going through FOPE/Microsoft.

  • thanks Chase

  • I am also having this problem. I have reset my password from my Surface RT which cannot have any malware, yet this morning I still have another 50+ bounce messages for spam emails I haven't sent.

    what can I do to stop it?