Check my Microsoft 365 account for suspicious rules
If your Microsoft 365 account is compromised, someone may add rules to move your incoming emails to different folders without your knowledge. This can make it seem like you're missing emails when they're actually being sent to a random folder. If you suspect your account has been compromised, check for and delete any rules that you didn't create in both Outlook on the web and the Exchange admin center.
Outlook on the web
First, check for any malicious inbox rules in Outlook on the web.
- Sign in to Outlook on the web. Use your Microsoft 365 email address and password (your GoDaddy username and password won't work here).
- In the upper-right corner, select
Settings. - Select Mail, and then select Rules. You'll see a list of rules added to your account. Delete any that you don't recognize.
Exchange admin center
Transport rules will appear in the Exchange admin center, but not in Outlook on the web. Please note you must be an admin to access the Exchange admin center.
- Sign in to the Exchange admin center. Use your Microsoft 365 email address and password (your GoDaddy username and password won't work here).
- On the leftmost side, under Mail flow, select Rules. You’ll see a list of rules added to your account.
- To delete any rules that you don’t recognize, next to a rule, select the checkbox, and then select Delete.
Your account should now be cleared of any rules or settings that you didn’t create.
Related steps
- If you have Advanced Email Security, you might also want to check your spam settings and check your filters for malicious activity.
- To automatically move incoming messages to a specific folder or assign an importance level, create inbox rules in Outlook on the web.
