Deleting emails for users inbox?

Copper Contributor

We had an obvious phishing email slip through own email filter and ended up in some of our users inbox.


We are using O365 gov tenant for email. 


I have run a compliance search "phishingemail" and have found where the email went and also who forwarded the email to other users.


 My question is how do I permanently delete this phishing email from the users inbox? So far, I have used this powershell command:

New-ComplianceSearchAction -SearchName "phishingemail" -Purge -PurgeType HardDelete


The above command runs just fine and changes the name to "phishingemail_Purge". After that, I run the compliance search again to see if it pulls up any results and it still shows the same emails are there. It doesn't seem like I deleted any emails if I can still see the same emails again by running the search again. I read somewhere that running the above delete command moves the email into the users "purges" folder that is invisible to the user. Is that why I am pulling up the same emails after running the search command again?


Any tips would be helpful  


0 Replies