Clearing Compromised Email Accounts
If you think your email has been hacked - usually determined by the fact that you suddenly have a large number of undeliverable email in your Inbox, or you have been blocked from sending emails by Microsoft - don't worry. Just follow the instructions below:
1. Check if you can still send email
Send a test email to see if you can still send out from your account. If not, Microsoft has blocked you. Note that for when you call the Help Desk.
2. Call the Help Desk
Contact the Help Desk at (417) 873-7300 between the hours of 8 a.m. - 5 p.m., Monday through Friday. Tell them you suspect you've been hacked, and if Microsoft has blocked your account.
Have the Help Desk technician reset your password, and if needed, open a ticket with our Microsoft administrator to unblock your account and execute a "forced device logout."
3. Change your password in MyDrury
Login to MyDrury (https://my.drury.edu/ics) with the temporary password provided to you by the Help Desk. A successful login will take you to the Change Password page.
Enter that same temporary password in as the “Current Password” field and then create a new, complex password (8 characters, upper and lower case, numbers and/or special characters) in the fields provided.
Wait 15 - 30 minutes for your new password to be sent to Microsoft.
4. Verify that you have no rules set in your account
A rule is an “if-then” statement that can be created in your account. Hackers use rules to send out emails from your account automatically. To make sure you don’t have any rules set, or to clear any that might be set, follow these steps.
- Login to Webmail (https://login.microsoftonline.com).
- Click the Settings icon.
- Access "View all Outlook Settings" at the bottom of the panel.
- At the Settings window, Click Rules.
- Review the right panel – look to see if there are any rules listed (it's normal to have none).
- If needed, delete any suspicious rules by clicking on the trash icon.
In the Outlook App:
- On the main screen, click the File menu.
- Click the "Manage Rules and Alerts" button.
- Review any rules on the screen - it's normal to have none listed.
- If needed, delete suspicious rules.
5. Make sure no one else has access to your account
Sometimes a “permission” can be granted in your account so other people can be “owners” and use your account as if it were you. It can be helpful to check your account to make sure no one else is an “owner.” You must do this from the Outlook app on a desktop or laptop computer:
- Login to the Outlook app.
- Right click your Inbox.
- Click on Properties.
- Click the Permissions
- Ensure that only the permissions you need are in the list. Both Default and Anonymous should be set to None.
6. Have patience
After you have reset your password, it may still be a few days before your account no longer receives undeliverable emails.
This sometimes happens when a server will keep trying to send your email for a day or two before giving up. Only then will you receive the corresponding undeliverable email. This can happen up to a week after an email is sent out.
If you are still concerned about your account, you can set up multi-factor authentication to further secure your data. Call the Help Desk at (417) 873-7300 between the hours of 8 a.m. - 5 p.m., Monday through Friday, to make your request.