Hey, this is FUN! Well, sort of fun anyway.
One recent afternoon, my main email account in Outlook 365, appeared to stop receiving email. I could send it email without any reported error, I could send email from it, but nothing new was visible.
I tried to access my email in that account, using Outlook for web, same thing, no new email. Using Outlook on Android, same thing.
I called Microsoft for help and after waiting about a half-hour, a technician in India called me. It took about another half-hour for him to find my "missing" email in the RSS Subscriptions folder and then he looked in rules and sure enough, there was a rule I had not written that grabbed all new email and moved it to RSS Subscriptions. He had me delete the rule and move the messages to my inbox.
Next day, same problem, and the bogus rule was back. There were messages on the Internet about my account having been compromised. and other people were seeing the same problem.
I changed the password and that locked out three applications. Bitdefender, and two other sources I did not recognize. I reactivated Bitdefender allowing it to access my email and the RSS Subscriptions problem did not reappear.
Then I received an email from tti-corp.com telling me I had two secure messages to view. I used Windows Sandbox to view them; one was an invoice for $5 for something I did not buy. The other was a receipt for $5 paying the invoice.
After ending the sandbox, I checked the rules in my main email account and there was a new rule that moved only messages from tti-corp.com related to secure messages to RSS Subscriptions IF, the message was about a secure message. I deleted the new bogus rule and left it at that.
Things have been quiet since then.
I alerted Bitdefender to the possibility that their code was compromised. I will send them a new message telling them they are not to blame.
My concerns is that if all of my inbox mail was sent to the RSS Subscriptions folder, POSSIBLY, a message with a link to change a critical password could be sent to someone trying to break into one of my financial accounts and they could make the change and take over my account. My bank accounts are secure because they require a secondary verification for any logon and that involves my cell phone (which I otherwise hate! But don't tell my cell phone as it might be insulted and then refuse to process those secondary verifications. It's very sensitive and easily offended.
