# Cyber Security # Securing Emails After a Security Breach In today's world, there are unfortunately bad actors which attempt to infiltrate various systems. AI is making this easier then ever, so its important to remain vigilant, however, some of the attack vectors are so convincing that they can fool anyone. This article will help you re-secure your account if you do become a victim.

Whilst our focus here is on Microsoft 365 accounts, the principals can be applied to most email providers.

## Secure Your Account
Login to your [Microsoft Account](https://myaccount.microsoft.com) using your email and password
Select to `Change Password` on the left-hand menu. [![image.png](https://kb.findesolutions.com/uploads/images/gallery/2026-06/scaled-1680-/1gts26W95U1Am5IR-image.png)](https://kb.findesolutions.com/uploads/images/gallery/2026-06/1gts26W95U1Am5IR-image.png)
Enter a new password, and confirm it.

A long password is more secure than a complex password. Consider using a [passphrase](https://www.useapassphrase.com/).

[![image.png](https://kb.findesolutions.com/uploads/images/gallery/2026-06/scaled-1680-/9tTi2Y5lB79t4ogj-image.png)](https://kb.findesolutions.com/uploads/images/gallery/2026-06/9tTi2Y5lB79t4ogj-image.png)
On the `Security info` page, you'll see an option to `Sign out everywhere`. Press this and follow the prompts.

This could take up to an hour to be effective.

[![image.png](https://kb.findesolutions.com/uploads/images/gallery/2026-06/scaled-1680-/kD8unkre96BczkZI-image.png)](https://kb.findesolutions.com/uploads/images/gallery/2026-06/kD8unkre96BczkZI-image.png)
On the `Security info` page still, remove any devices you do not recognise that are used for MFA (Multi-Factor Authentication).
## Check for Email Rules Often these malicious actors will add in rules to your email inbox to try to hide their activity and to ensure they get the spray to your contacts. Login to [Outlook](https://outlook.cloud.microsoft) and navigate to `Settings > Email > Rules`. [![image.png](https://kb.findesolutions.com/uploads/images/gallery/2026-06/scaled-1680-/I1eb1ghyyPk5P9En-image.png)](https://kb.findesolutions.com/uploads/images/gallery/2026-06/I1eb1ghyyPk5P9En-image.png) In this window you may seem some rules that look out of place, any rules here should be ones you yourself have added so anything that doesn't look right, delete them. For example, a compromised account may have rules that look similar to the below: [![image.png](https://kb.findesolutions.com/uploads/images/gallery/2026-06/scaled-1680-/ECLwxfLmCBMiSEKY-image.png)](https://kb.findesolutions.com/uploads/images/gallery/2026-06/ECLwxfLmCBMiSEKY-image.png) Use the `delete` button to restore normal operations.

Its important to be aware that these rules are not restricted to the example above. It is better to remove any rules you are not sure of as these can be re-added later.

## Contacting Affected Recipients In your Outlook app, review the `Deleted Items` folder - you may find a copy of the phishing email that was sent. You'll then want to: - Reply again to the email - Remove the malicious links - Inform the recipients they link was not from yourself and to not click anything. - Direct them to this page if they require assistance if they have been phished. ## Further Support Contact your email provider if you require further support. **Do not delay** - its important to move quickly to limit damage potential.