Outlook Hacked? Steps to Recover Your Account & Protect Your Data :

>>How to Handle Authentication in Node.js (JWT, OAuth, and Sessions) :

>> Outlook is one of the most widely used email services, making it a prime target for hackers. If you suspect your Outlook account has been hacked, it's crucial to act quickly to regain control and secure your personal data. This article outlines the steps you should take to recover your account and prevent future breaches.

>> Signs Your Outlook Account Has Been Hacked :

See All

>> Before taking action, confirm whether your account has been compromised. Some common signs of hacking include:

✅ Unexpected Sign-ins – You receive alerts about sign-ins from unknown locations.
✅ Unauthorized Emails Sent – Your contacts report receiving spam or phishing emails from your account.
✅ Password Change Notifications – You receive emails about password changes that you didn’t make
✅ Missing or Deleted Emails – Important emails are deleted, or new ones are automatically moved to folders.

>> Steps below to secure your Outlook account.

Step 1: Change Your Password Immediately :
Step 2: Check for Unauthorized Activity :
Step 3: Update Recovery Information :
Step 4: Enable Two-Factor Authentication (2FA) :
Step 5: Check Your Email Rules & Forwarding Settings :
Step 6: Scan Your Device for Malware :
Step 7: Notify Your Contacts :
Step 8: Report the Hacking Incident to Microsoft
Step 9: Secure Other Online Accounts :
Step 10: Stay Safe from Future Hacks :

>> Real-Time Protection

See All

>> Hackers Placed Malicious DLL on OWA Server

See All

According to the security firm, the attacker replaced the OWAAUTH.dll file (used by OWA as part of the authentication mechanism) with one that contained a dangerous backdoor.
Since it ran on the OWA server, the backdoored DLL file allowed hackers to collect all HTTPS-protected server requests, including login information after they had been decrypted, i.e., in clear text.

>> Hackers Stole 11,000 Credentials :

Every user accessing the hacked server had their username & password compromised and stored by the attackers.
Researchers discovered more than 11,000 usernames and passwords combinations in a log.txt file in the server's "C:\" partition. Log.txt file is believed to be used by attackers to store all logged data.
The unnamed company that detected "behavioural abnormalities" across its network before reaching out to security firm Cybereason had more than 19,000 endpoints.
To prevent their backdoor from being removed, the attackers also created an IIS (Microsoft's Web server) filter through which they loaded the malicious OWAAUTH.dll file every time the server was restarted.

>> TRENDING

See All