This article lists some troubleshooting steps you can take if a draft Email keeps reappearing in your Outlook Mailbox. An Outlook hacked draft email is a common sign of account compromise as attackers create or modify draft messages to exploit your mailbox.
Table of Contents
What does it mean that your Outlook account hacked?
When your Outlook account is hacked, it means an unauthorised person has gained access to your mailbox and is actively using it without your consent. This often results in suspicious activity such as unexpected sign-ins, missing or altered emails, spam being sent from your account, or hidden inbox rules that automatically move or delete messages. A common indicator is Outlook hacker created rules, where attackers set rules that can send Emails automatically on your behalf, or a draft email keeps appearing.
Proven solutions to get rid of the hacked Draft Email issue
Many affected users have reported solutions to address this issue. I would discuss one by one.
Secure your Outlook account after recovering
You can easily secure your Outlook account if it was hacked to ensure the hacker no longer has access. For that, see these steps:
- Reset your password. If this is already done, that’s an important and correct first step. Make sure the new password is strong and unique.
- Sign out of all active sessions to block any unauthorised access. Go to https://account.live.com/Activity and select Sign out everywhere.
- Update your security information by visiting https://account.live.com/proofs/manage/additional. Review all listed recovery details carefully.
- Remove any unknown or suspicious email addresses and phone numbers that you do not recognise.
- Enable Two-Step Verification if it is not already enabled, as it adds an extra layer of protection beyond your password.
- Also, check https://account.live.com/SignInPreferences to ensure you do not see any additional authentication methods for your Microsoft account.
Clear Rules in Outlook for Web(OWA) or O365
Most often, the rules are the root cause of the hacked draft email issue in Outlook, whether a local rule or a malicious server-side rule, often identified by the Outlook rule name idtienphuoc1 or a similar name. The Outlook hacker created rules that keep the draft email from disappearing. To check the Rules associated with your account, see the steps below:
Remove the hidden rule Outlook for web / New Outlook to remove Outlook hacked draft Email
- Open Outlook for Web.
- Go to Settings > Mail > Rules.
- Delete any unrecognised, or even better, all Rules.
- Wait for 48 hours and see if the Outlook draft disappears.
Outlook 365
If you are using Outlook 365, a simple command can remove rules. The simple command is just an Outlook Switch. See below for that:
- Press the Windows key + R keys.
- Type “outlook.exe /cleanrules” without quotes, and press Enter.
- This command removes both Server-side and Client-side rules. If you can run Outlook 365, you should try this step.
Check Microsoft To-Do for tasks creating rules
It’s possible the Outlook hacker created rules in the Microsoft To-Do app, which could be causing the Email to appear. Once you flush out Microsoft To-Do, the Outlook hacked draft Email issue can go away. Go to the Software using this link and clean everything:
This should resolve the issue, most probably.
Remove unrecognized Contacts
Some users have reported that deleting unrecognized contacts from Outlook here would also help them regain access to their accounts. The list might be pretty big if you have large contacts.
Contact Outlook support to eliminate any backend rules
If nothing helps, the last step, as people have reported, is to contact Outlook.com support. They can remove any backend rules. Once they are done with backend rules, concurrently, the problem will get sorted in the next 24 hours. The steps for it are below:
- Visit this website: Contact – Microsoft.
- Type your problems in the search box there (for example, “Contact support”).
- Click Get Help, then select Contact Support below.
- Go to the Products & Services tab and choose the Outlook category.
- On the Category tab, choose based on your actual problem, such as cannot sign in, and mention that an outlook hacker created rules.
- Go to Confirm to proceed with contacting support for the problem.
Feel free to share the other solutions in the comments….
