We had some malware sneak through our email security this morning. Here’s how I deleted those messages.
Connect to the Compliance area of 365:
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirectio
Import-PSSession $Session
Find the messages and view the results (I was able to search by subject but there are other options):
New-ComplianceSearch -identity “Remove Phishing Message” -ExchangeLocation all -ContentMatchQuery ‘subject:”TOP URGENT”‘ Start-ComplianceSearch -Name “Remove Phishing Message”
Get-ComplianceSearch -identity “Remove Phishing Message” | fl
Delete the messages:
New-ComplianceSearchAction -SearchName “Remove Phishing Message” -Purge -PurgeType SoftDelete
Leave a Reply