I'm in a tough situation. A hacker has taken control of my father's Microsoft account and all associated services. Despite changing the password multiple times and having two-factor authentication (2FA) set up, they seem to bypass it. I've noticed some rules in the account that I can't seem to delete. Furthermore, they've been making unauthorized charges! I've been at this for over eight hours and things aren't improving. What can I do to regain control and secure the account?
4 Answers
Shut down that PC immediately—it could have malware logging your actions. Use a clean device to log into accounts, reset your email password, and set up 2FA via phone (don't use email for this). After securing your email, think about wiping the compromised PC to ensure it's clean. And if there are unauthorized charges, change passwords for any bank accounts too. No money should have been sent out to anyone connected to this issue.
If you have access to another computer, set up the Microsoft authenticator app for 2FA from there. After that, you should wipe the infected PC and reinstall Windows to remove any lingering threats.
I tried switching to my personal computer, but the situation doesn’t seem to change. I'm feeling really overwhelmed.
It sounds like the computer itself might be compromised. I recommend reinstalling Windows using a USB stick, changing all passwords, enabling 2FA, and removing any unknown devices linked to the accounts. Also, don’t forget to delete any forwarding rules!
First, try signing into office.com, go to your account settings, and choose 'sign out everywhere'. Then, change the password again and update the associated email if possible. Hopefully, that can give you a bit more control!
I’ve done this multiple times, but there's still an unremovable rule in the settings.
I managed to remove some malware with Malwarebytes and changed the password. But they’ve been buying stuff through Fortnite and pretty much hijacked all of his accounts. I think a complete OS reinstall is inevitable.