Microsoft Account Hacked? Step-by-Step Instructions To Recover Your Account

Microsoft accounts are a prime target for hackers, so here's what to do if you suspect you're hacked.

If your Microsoft account is hacked, the first steps you should take are running a virus scan, changing your password, and turning on two-factor authentication. If you can’t access your account anymore, contact Microsoft support for help.

It’s important to act fast because Microsoft accounts offer a treasure-trove of personal information to hackers. They also get access to your contact list, which can allow them to send phishing emails to further perpetuate fraud.

In this article, we'll reveal the red flags that indicate your account has been hacked and what to do next. This article also covers how to protect yourself from hackers, like using the best antivirus software.

What to do if your Microsoft account is hacked

If you believe your Microsoft account is hacked, there are certain steps you can take to recover your account and block the hacker.

Run a virus scan

First, it’s important to ensure your device itself hasn’t been compromised. The best way to do this is by running a virus scan, which will detect the latest online threats and block them.

Here are a few of the best antivirus programs to consider using:

  • TotalAV: TotalAV is one of the top options for malware and phishing protection. It also has features to block tracking cookies, monitor for data breaches, and schedule automatic virus scans. TotalAV also has multi-device compatibility, which means you can use it on your desktop and phone.

  • Bitdefender: Bitdefender is great for everyday use since it protects you from phishing and online fraud while you browse the internet. Beyond top-tier protection for your devices against viruses, Bitdefender also has tools to optimize device performance and protect your privacy.

  • Avast: For budget-conscious users, Avast has a free antivirus program that includes automatic virus scanning, suspicious app behavior alerts, and file scanning. Upgrading to Avast Premium Security will give you access to malicious email protection and help you avoid fake websites.

Reset your Microsoft password

To reset your Microsoft password:

  1. Navigate to the Microsoft account recovery page.
  2. Enter your email address, phone number, or Skype name.
  3. To verify your identity, Microsoft will send you a code to reset your password. You can choose to send the code to your email address or phone number.
  4. Once you enter the code, Microsoft will let you reset your password.
  5. Be sure your new password is strong by choosing a mix of lowercase and uppercase letters, numbers, and special characters.

Enable multi-factor authentication (MFA)

Once you have gained access to your account, you'll want to enable MFA, which Microsoft calls two-step verification.

Two-step verification requires you to verify your identity twice when accessing an account: first by entering the correct password, then by entering a code sent to your phone number, alternative email address, or the Microsoft Authenticator app.

To turn on two-step verification, follow these steps:

  1. Log in to your Microsoft account and go to Advanced security options.
  2. Under Additional Security, find Two-step verification.
  3. Enable Two-step verification.
  4. Follow the prompts to set it up properly.

Check all your account settings to make sure they’re still correct

Go to your contact information and make sure nothing has changed. If it has changed, then correct the information. Here are some examples of things you should check:

  • You'll want to verify the phone number and email address are accurate since these are crucial for recovering your account in the future.
  • You also want to make sure that your mail forwarding settings and autoreplies are set to your preference. Sometimes hackers change these to gain access to your account again in the future or avoid detection.
  • Finally, you may have third-party apps connected to your Microsoft account. You'll want to check if these apps have been compromised and take action to secure them.

What to do if you’re locked out of your hacked Microsoft account

If you’re using the correct login information and you can't access your account, then your Microsoft account may be hacked. Here are the steps you can take to recover your account:

  1. Try to reset your password using the Microsoft account recovery page. Enter your email address or phone number. Then follow the instructions to verify your identity.
  2. Another option is to use Microsoft Support if you think you’ve been hacked. Enter your email address or phone number, and Microsoft Support will tell you if there are any problems with your account. If it does detect an issue, it will tell you how to recover your account.

How to know if your Microsoft account has been hacked

One of the most common signs that your Microsoft account has been hacked is being unable to log in even if you’re using the right password. However, there are other, less noticeable signs that indicate an unauthorized user in your account:

  • Unexplained sent or deleted emails: Look at the emails sent from your account and the emails in your trash. If you don't remember sending or deleting them, then someone else may be using your account.
  • Profile changes: A different name or telephone number may indicate a compromised Microsoft account. You'll also want to review credential changes to spot signs of a hacker. For example, maybe MFA is disabled when it was previously enabled.
  • Changes in mail forwarding settings: To avoid detection, hackers will alter mail forwarding to have emails sent to their account instead of yours. You should confirm if these settings are changed or not.
  • A new signature added to emails: Sometimes hackers will add a signature to your emails to make them look more legitimate. Phishing emails are easier to fall for if the source looks like a trusted source.
  • Check your recent activity: Occasionally, you may receive an email about suspicious activity on your account, such as a login from a new location. But you can also check this manually on the Recent activity page. These notifications can help ensure that unauthorized users aren't accessing your account.
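The mail forwarding check from this list and from the account-settings checklist earlier can also be scripted. The following is an added example, not part of the original article: it assumes your inbox rules have been exported as JSON in the shape of Microsoft Graph `messageRule` objects, and it flags enabled rules that forward or redirect mail to addresses you don't own or that delete or hide messages. The rule names and addresses in the sample are constructed.

```python
"""Flag inbox rules that forward, redirect, or hide mail (added example)."""

# Rule actions that send copies of mail to another address.
FORWARD_ACTIONS = ("forwardTo", "forwardAsAttachmentTo", "redirectTo")
# Rule actions that keep mail out of the owner's sight.
HIDE_ACTIONS = ("delete", "permanentDelete", "moveToFolder", "markAsRead")


def audit_rules(rules, my_addresses):
    """Return (rule name, reason) pairs for rules worth a manual review."""
    mine = {a.lower() for a in my_addresses}
    findings = []
    for rule in rules:
        if not rule.get("isEnabled", False):
            continue  # disabled rules do nothing, skip them
        name = rule.get("displayName", "(unnamed)")
        actions = rule.get("actions") or {}
        for key in FORWARD_ACTIONS:
            for rcpt in actions.get(key) or []:
                addr = rcpt.get("emailAddress", {}).get("address", "").lower()
                if addr not in mine:
                    findings.append((name, f"{key} -> {addr}"))
        hidden = [k for k in HIDE_ACTIONS if actions.get(k)]
        if hidden:
            findings.append((name, "hides mail: " + ", ".join(hidden)))
    return findings


# Constructed sample in the shape of Microsoft Graph messageRule objects
# (GET /me/mailFolders/inbox/messageRules); all names and addresses are made up.
SAMPLE_RULES = [
    {"displayName": "Newsletters", "isEnabled": True,
     "actions": {"assignCategories": ["News"]}},
    {"displayName": ".", "isEnabled": True,
     "conditions": {"subjectContains": ["password", "security alert"]},
     "actions": {"forwardTo": [{"emailAddress": {"address": "drop@attacker.example"}}],
                 "delete": True}},
    {"displayName": "Copy to work", "isEnabled": True,
     "actions": {"forwardTo": [{"emailAddress": {"address": "Me@Work.example"}}]}},
    {"displayName": "Old forward", "isEnabled": False,
     "actions": {"redirectTo": [{"emailAddress": {"address": "x@old.example"}}]}},
]

if __name__ == "__main__":
    own = ["me@outlook.example", "me@work.example"]
    for name, reason in audit_rules(SAMPLE_RULES, own):
        print(f"REVIEW rule {name!r}: {reason}")
```

A flagged rule is a prompt for manual review, not proof of compromise; delete any rule you don't recognize after you have changed your password.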

How to protect your Microsoft account

You should take all the necessary steps to protect your Microsoft account. Not only will this make it harder for attackers to access your account, but it’ll also make it easier to recover your account if you do get hacked.

Here are a few tips to stay safe online:

  • Learn how to spot scammers: Malicious actors are good at extorting information from you. By knowing the telltale signs of a scam, you’re better able to stop a potential threat before it takes over your account.
  • Use a strong password: Every single account should have its own unique password that isn't used for other accounts. Ideally, it should also contain uppercase and lowercase letters, symbols, and numbers. This makes it harder for hackers to guess your password.
  • Use a password manager: It's obviously difficult to remember passwords for dozens of different accounts. Using a top password manager can help safely store your login information until you're ready to use it.
  • Use antivirus software: Hackers often infect your device with malware to steal your login information. Antivirus software can spot these threats and stop them from spreading.
  • Enable MFA: MFA is an important security tool that forces users to verify their identity twice. It's unlikely a hacker will have access to both credentials, which makes your account more secure.
  • Update alternative contact information: You can add an alternative phone number or email address. Supplying this information can make it easier to recover your account in the future. If your account was compromised, you want to confirm that this information wasn't changed.

Hacked Microsoft account FAQ


What do I do if someone hacked my Microsoft account and changed everything?

If someone has hacked your Microsoft account and changed everything, the first step is to see if you can recover the account by changing the password. If that doesn't work, you can try the sign-in helper tool. Finally, you can use the Microsoft account recovery form to try to gain access again. As a last resort, you can create a new Microsoft account and ask support to transfer any purchases.


What can hackers do with your Microsoft account?

Hackers can use your Microsoft account to send out mass spam or phishing emails to your contacts. Since the emails look like they’re from you, recipients might trust them and fall into a scam, like sending money to the hacker.

Another way a hacker might misuse your Microsoft account is searching for personal information like passwords and financial information and using it to commit further fraud.


How did my Microsoft account get hacked?

There are multiple ways for your Microsoft account to get hacked. You may have had malware on your device, your password was leaked in a data breach, or you had a weak password that was easy to guess.

Bottom line

Recovering a hacked Microsoft account can require some effort. It involves resetting your password and immediately taking action to prevent hackers from regaining access. It's far easier to follow essential security rules to prevent getting hacked in the first place. Running occasional virus scans with good antivirus software is a good habit to get into.

You'll also want to make sure you’re using strong passwords for all your accounts and have MFA enabled for an extra layer of security. Staying safe online also means that you’re aware of the signs of a phishing email or other possible scams. Following these security rules can go a long way in protecting your data.


Author Details
Sara J. Nguyen is a freelance writer specializing in cybersecurity. She aims to help people protect their data while enjoying technology. She has written about online privacy and tech for over 5 years for several organizations. When she's not writing about the latest cybersecurity trends, you can find her on LinkedIn.