Receiving the message "Your account has been flagged for unusual activity" in Outlook immediately restricts your ability to send and receive emails, access linked services, or complete essential account tasks. This restriction is triggered when Microsoft detects suspicious sign-in attempts, policy violations, or potential security risks, and it can result in temporary account lockout or even permanent suspension if not addressed promptly.
Verify the Authenticity of the Notification
Phishing emails often mimic Microsoft’s security alerts, urging users to click suspicious links or provide personal details. Microsoft never sends unsolicited emails requesting sensitive information or password resets through embedded links. Instead, legitimate security notifications direct you to sign in at https://account.microsoft.com/ or https://outlook.live.com/. If you received a flagged activity email, do not click any buttons or links. Instead, open your browser and go directly to Microsoft’s official website to check your account status.

Unblock Your Account Using Official Microsoft Recovery Tools
Step 1: Open a trusted browser and navigate to https://account.microsoft.com/. Sign in with your affected Outlook or Microsoft account credentials. If prompted, complete any CAPTCHA or additional verification steps.

Step 2: If your account is locked, you will see a message about unusual activity. Select the option to verify your identity. Choose a method to receive a security code (such as a text message or email to your registered contact info). Enter the code when prompted. If you are traveling or cannot access your registered phone/email, try signing in from a trusted device or location where you have previously accessed your account.

Step 3: Once verified, follow the on-screen instructions to create a new, strong password. Microsoft may require you to update your security information or add a new recovery method.

Step 4: After updating your credentials, review your account’s recent activity for any unfamiliar sign-ins or changes. This step helps you identify if unauthorized access occurred and allows you to take further action if necessary.
Step 5: If you cannot unlock your account using the above methods, use the Microsoft Account Recovery form. Provide as much accurate information as possible—such as previous passwords, subject lines of sent emails, or device IDs from linked services like Xbox. Submitting the form twice daily increases your chances of success, especially if you recall additional details on subsequent attempts.
Update Security Settings and Remove Suspicious Access
Step 1: After regaining access, visit the Security section of your Microsoft account. Review all recovery emails, phone numbers, and trusted devices. Remove any you do not recognize.
Step 2: Change your password to a unique combination of letters, numbers, and symbols not used elsewhere. This minimizes the risk of future breaches.
Step 3: Enable two-step verification (multi-factor authentication) to add a strong layer of security. This requires a second verification step—such as a code sent to your phone—whenever you sign in from a new device or location.

Step 4: Check for unauthorized mailbox rules or automatic forwarding settings in Outlook. Remove any that you did not create, as attackers sometimes use these to intercept your emails.
Handle Persistent Account Lockouts and Verification Failures
If the system repeatedly prompts for verification but fails to accept your phone number or recovery email, try these alternatives:
- Use a different browser or device, preferably one you have used to access your account before.
- Switch from Wi-Fi to mobile data (or vice versa) to avoid network-related blocks.
- Clear your browser cache and cookies to remove stored login errors.
- Ask a trusted friend or family member in another country to temporarily provide their phone number for verification, if your own number is not accepted (some regions are restricted for SMS verification).
- If you are unable to access any recovery methods, continue submitting the account recovery form twice daily, providing as much detail as possible each time.
- Contact Microsoft Support directly via their official support page if automated recovery fails. Provide screenshots of error messages and explain the steps you have already tried.
Recognize and Avoid Phishing Attempts
Phishing emails may look like Microsoft alerts, but typically contain urgent language, suspicious links, or requests for personal data. Signs of phishing include:
- Sender email addresses that do not match official Microsoft domains.
- Requests to click a button or link to verify your account.
- Spelling or grammatical errors in the message.
- Unfamiliar sender names or domains.
- Unexpected attachments or prompts to download files.
If you suspect a phishing attempt, mark the message as junk or phishing in Outlook. Never respond or provide information through links in such emails.
What to Do If Account Recovery Fails
Some users report persistent lockouts despite repeated recovery attempts, especially with legacy accounts lacking up-to-date recovery details. If you cannot recover your account after exhausting the above steps:
- Continue submitting the recovery form, as each attempt may allow you to recall additional details that improve your chances.
- If you have access to a linked Xbox, Skype, or other Microsoft service, use device IDs or other linked information in your recovery form.
- For accounts with critical data (such as business or academic information), contact Microsoft’s specialized support and request a temporary backup window if permanent account recovery is not possible.
- As a last resort, create a new Microsoft account and update all linked services and subscriptions. If you have recurring payments (such as Xbox Game Pass), contact your bank to stop charges if you cannot access the account to cancel them.
Resolving the "Your account has been flagged for unusual activity" error in Outlook requires careful verification, updated security settings, and patience with Microsoft’s recovery process. Keeping your recovery information current and watching for phishing attempts can help prevent future lockouts.
Member discussion