Recommendations if your user account has been compromised. We recommend that you review the following information and take any actions as necessary. Learn more
- Review mailbox delegates
- Review mail forwarding rules to external domains
- Review global mail forwarding property on mailbox
- Enable mailbox auditing logs
- Review audit log details for the user account
Ensure protection
To protect accounts from further compromise, we recommend you enable the following features on the account: - Enforce complex passwords on the account
- Enable multi-factor authentication