Recently, we have seen a number of instances where hackers have obtained access to a user's Office 365 account. Once they access the account, they will send fraudulent requests to change bank account information or wire instructions, and then create a rule
to mark new messages as "read" and move them to either the junk or
deleted items folder.
Step 1 – Change your Email Password
To change your password, follow these instructions:
- Sign in to office.com/signin with your work or school
account. - Go to Settings > Password.
- Enter your old password.
- Create a new password and confirm it.
- Select Submit to finish and change your password
- For more instructions - click here
Step 2 - Add 2 Factor Authentication
Note - your administrator must turn on 2 Factor Authentication first.
Once your admin enables your organization with 2-step verification (also called multi-factor authentication), you have to set up your account to use it.
By setting up 2-step verification, you add an extra layer of security to
your Office 365 account. You sign in with your password (step 1) and a code
sent to your phone (step 2), either via text message or an application such as the Microsoft Authenticator.
For complete instructions, click here.