What to do if Your Email is Hacked

1. Change your email password (using something like 1Password to generate a random and unique password).
2. Enable Two-Factor Authentication (2FA), also known as multi-Factor Authentication (MFA). See instructions further down on this page.
3. Login to your webmail account and check for unusual settings — including "hidden" rules with no names (spaces used) ...
   1. Email Rules (Inbox and sweep rules)
   2. Block or allow (Safe Sender and Recipients and Blocked Senders)
   3. Forwarding
4. Notify the following people and explain what happened. This will help build security awareness and may prevent them from becoming the next target.
   
   • Co-workers.
   • Everyone in your address book. You must assume your address book has been stolen, even if no email appears to have been sent from your account. If you don't use an address book then consider your Recent (or Previous) addresses as stolen.
   • Client and vendors, if appropriate.

Learn More

• Apple Device Security
• Google, What to do if Your Email is Hacked.

Office 365 How-Tos

EVERYONE: Check Your Office 365 Email Sweep Rules, Block or allow and Forwarding

1. Login to your email at outlook.office365.com.
2. At the top of the page, select Settings (Gear icon) > Your app settings: Mail.
3. In Options, select Mail > 
   1. Automatic processing > Inbox and sweep rules
   2. Accounts > Block or allow
   3. Accounts > Forwarding
4. If you see anything you don't recognize or understand, contact your IT team immediately!

ADMINS: Enable Office 365 Multi-Factor Authentication

• Admin console > Users > Active Users
• More menu > More > Setup Azure multi-factor auth
• Leave search field blank and hit search to bring up list of all users and MFA status
• Check desired names then click enable on the right sidebar.
• Ask the enabled accounts to visit https://aka.ms/MFASetup to complete the setup.
• NOTE: Non-Microsoft apps will require unique passwords. See, Office 365: Using MFA with 3rd party email client.