It is a fact of life that people may by accident provide their Office 365 account detail during a phishing attack.

Unfortunately the attackers will sit on those details without doing anything other than place a rule in Outlook to forward all emails.

To check for this, please complete the following.

Change Password - Sync'd to Office 365

This might not be applicable if your PCs are not logging on to a local Domain and your Password being synchronised to Office 365

  1. It is most likely that your Windows Login is synchronised to your Office 365 Account.
  2. So change you Windows password by pressing on CTRL+ALT+DEL
  3. Choose Change Password
  4. You may need to enter your existing password then your new password Twice.
  5. Wait a few minutes for your password to update and log in at with your new password

(5 minutes)

Change Password - No synchronisation to to Office 365

You will need to speak to your Cloud administrators to reset the password and provide a new one.

Once you have your new password, check by logging in the your cloud mail account.

(2 minutes)

Check Outlook Online Rules

Open a Web Browser and got to and sign in.

Once you can see your email, Click on the COG top right of the screen.

A long list of options will appear, click on Inbox and Sweep rules

Check in both Inbox Rules (1) and Sweep rules (2) that there are no rules that should not be there, if in doubt, delete them all,

(5 minutes)

Outlook Application Rules

Open Outlook
Ensure that the Home Ribbon is active and then click on Rules

Then Choose Manage Rules & Alerts

Check if any Rules that you have are valid, if not delete them,