Issue: Your users have received phishing emails and you need to locate all of those emails and purge those emails from your users' mailboxes.
Solution: Run a Content Search using Powershell or using the GUI for this task
Step 1: Connect to Security and Compliance Center on Powershell:
Connect-IPPSSession
Step 2: Create your query and run it (Search for and delete email messages in your organization - Microsoft 365 Compliance | Microsoft Docs)
$Search=New-ComplianceSearch -Name "Remove Phishing Message" -ExchangeLocation All -ContentMatchQuery '(Received:4/13/2016..4/14/2016) AND (Subject:"Action required")'
Step 3: Delete the Messages
Note: Leverage the Hard delete option over the soft-delete, as the emails will still appear in subsequent searches if not hard deleted
New-ComplianceSearchAction -SearchName "Remove Phishing Message" -Purge -PurgeType HardDelete
Case 17557
Comments
0 comments
Article is closed for comments.