What To Do if Office 365 is Hacked

What To Do If Office 365 is Hacked

You are probably well aware that your computer can be hacked via fraudulent websites or by downloading software and apps from unverified sources. Did you know that legitimate programs on your computer can be hacked by cybercriminals? That includes Microsoft’s widely used Office 365. If you suspect your Office 365 suite has been hacked then there are a number of steps to take to protect yourself.

Check the computer’s security

Verify that the computer that you suspect has been hacked has up-to-date antivirus and anti-malware software installed and running.  If there’s no malware protection then now’s the time to install some.  Free malware protection programs can be downloaded from the Microsoft Protection Center website.  Another application you can download from Microsoft to scan your computer for malware is the Malicious Software Removal Tool.

If you encounter any problems, or if you suspect that these measures haven’t worked, then Microsoft offers additional help, with a series of Advanced Troubleshooting steps you should follow.

Reset the password for Office

Changing the password is vital to secure the account against further raids by cybercriminals. Note that it will also end any active session(s). Again, check the Microsoft webpage Admins: Reset a password for one or more users in Office 365, which tells you how to reset a password for one or more users.

Reconfigure delegate access

Allowing another user access to your emails or calendar is known as delegation. This is sometimes used by hackers to gain ongoing access to your computer. Follow the steps that Microsoft outlines on how to configure delegate access in Outlook: Configuring delegate access in Outlook Web App

Review and reconfigure mail forwarding rules

As with delegation, this feature of Outlook can give hackers ongoing access to your email.  You will need to disable mail forwarding rules to external domains and global mail forwarding, as well as eliminate any bogus forwarding rule that might have been created by the cybercriminals who have accessed your machine.

  • You may need to go further here, especially if the account that’s been compromised was locked for changes except by an administrator. Check out Microsoft’s advice on mail forwarding when using Exchange and Office 365: Exchange and Office 365: Mail Forwarding

Maximize your security with multi-factor authentication (MFA)

With MFA anyone seeking access needs to use more than one verification method to get into the system. This makes it much harder for cybercriminals to breach your defences and compromise the account.  Microsoft’s articles on mail forwarding and Azure Multi-Factor Authentication will provide you with the information you need to set it up: Exchange and Office 365: Mail Forwarding and What is Azure Multi-Factor Authentication?

Rethink your password complexity and check password expiration dates

Make it difficult for hackers by using strong passwords (for example, passwords that include at least one capitalized letter and one number) and setting the password expiration policy.  This is even more important if you don’t use MFA.  To do this, run this PowerShell command:…..

Activate mailbox auditing and monitor the audit log

If you enable mailbox auditing then you will be able to review user activity and identify any unusual activity.  To turn on mailbox auditing and learn how to identify anomalous activity, check out Microsoft’s blog posts on these topics: Using Office 365 activity data to improve your Cybersecurity stance and capability and Finding Illicit Activity The Old Fashioned Way

Train Users in Security Awareness

Making sure people who have access to programs such as Office 365 (and other software) are educated about how hackers and cybercriminals operate, and make sure that they’re aware of the signs of suspicious activity. User awareness of scams like spear phishing and ransomware is a key defense against cybercrime.

Need Help With Your IT?

Get Tech Support

Want more? Check out some of our reviews

Leslie Wolfberg
Leslie Wolfberg

5 out of 5 stars

Can’t say enough about the competent staff at Quikteks! Responsive and extremely helpful, they take the frustration out of all our computing issues. They have smartly guided our business into the right equipment and computer structuring. What was once a huge headache is no longer, thanks!

Neil Wagman
Neil Wagman

5 out of 5 stars

These guys are terrific! They manage all of our IT needs and do it with a smile on their face. We have never had an issue with response time, the managed services they provide or cost/billing.

A real pleasure to work with.

Anthony DeVincenzo
Anthony DeVincenzo

5 out of 5 stars

ALWAYS FAST AND RELIABLE. HELPED ME OUT A FEW TIMES WITH MY BUSINESS.

David Greene
David Greene

5 out of 5 stars

Quikteks consistently delivers a high quality service. My company’s technology has never run smoother. I highly recommend using them.

Steven Greene
Steven Greene

5 out of 5 stars

I have used Quikteks for all of my firm’s IT needs including server, PC, backup and phone system for years. They are terrific! Fast response time when issues arise and always reasonably priced.

Gray Murphy
Gray Murphy

5 out of 5 stars

Thank you for your great tech support! Highly recommend.

Nancy Auferio
Nancy Auferio

5 out of 5 stars

We rely upon Quikteks for all of our IT services as well as website development and maintenance. Every member of their team is top notch! Would highly recommend them to any business. And, our website just blew us away!

Brian Snerson
Brian Snerson

5 out of 5 stars

Quikteks has always been there to help me with technology issues and questions. They are very responsive and extremely knowledgeable. I would highly recommend them to my clients and friends.

Andy Lieberman
Andy Lieberman

5 out of 5 stars

Thank You Quikteks for being there again. Your support and service is greatly appreciated. All-Ways knows we can count on you whenever we pick up the phone or email the Quikteks team. You always have the answer we need. Thanks Andrew!

Steven Caggiano
Steven Caggiano

5 out of 5 stars

We have had several IT companies before Quikteks so we definitely can give an honest opinion. We have experienced a very high quality of care and expertise as well as a partnership approach. We recently moved to a new location and they were with us every step of the way. The owner, Nick Tammaro, personally came to sit in on meetings with the GC to make sure everything on the IT side was going right. He went out of his way to supply us with data techs to rewire a few temp offices so we had no down time. His staff is always available and work tirelessly to resolve issues as well as being proactive to reduce unforeseen problems. I would highly recommend them.

Join Our Newsletter

Receive office technology tips, how-tos, keyboard shortcuts and more directly to your inbox.