cancel
Showing results for 
Search instead for 
Did you mean: 

Very dodgy spam situation [Part 2]

Community Veteran
Posts: 4,729
Registered: 04-04-2007

Very dodgy spam situation [Part 2]

Please continue discussion from this thread;
http://portal.plus.net/central/forums/viewtopic.php?t=55876
284 REPLIES
kreynolds
Grafter
Posts: 433
Registered: 05-04-2007

Very dodgy spam situation [Part 2]

Just deleted 11 spam messages from the OH's mailbox.
wuggywugrat
Grafter
Posts: 33
Registered: 19-08-2007

Very dodgy spam situation [Part 2]

I'm being hit by a sudden influx of spam too. I don't use Webmail at all, but somehow the spam is arriving in my default catchall address - which has been blackholed!

I didn't know about everything that was going on and on Sunday (and yesterday) rang customer services to tell them, but it's still happening even though they confirmed both times that my blackhole is operational. Just turned on my pc to find a new bundle of overnight spam addressed to my blackholed default address again.

I wonder if this has anything to do with what's going on?
Gilles
Dabbler
Posts: 14
Registered: 06-08-2007

Very dodgy spam situation [Part 2]

I agree with bartons33: All of the "from" address I have defined in webmail are being targetted.

Others (which are not listed in thr "from" list haven't been targeted yet).

Usually I use multiple "from" to try and help identify how the spammers got the address but in this instance it hasn't helped (which was quite strange, as so far this had always worked).

So I am now definitivelly leaning on the side of the peoples that think webmail was hacked into...
jeffygeoff
Newbie
Posts: 3
Registered: 02-08-2007

Very dodgy spam situation [Part 2]

Got hit with 7 last night. moved away from ed pills to complete filth. Will PN be offering new Usernames to affected customers when the problem has been solved, as it looks like these mail addresses have spread about the spammers.
Community Veteran
Posts: 1,229
Thanks: 1
Registered: 30-07-2007

Very dodgy spam situation [Part 2]

Another 4 into PN and one into Vodafone overnight.
This is not a flood or unmanageable but is nevertheless worrying.

Am I the only person being affected in non-PN accounts? (They're the same emails) It might help track down the source of the problem if PN contact VF

(although Vodafone seem fantastically uninterested in this, but then that seems to be their business model)
Gilles
Dabbler
Posts: 14
Registered: 06-08-2007

Very dodgy spam situation [Part 2]

Quote
I'm being hit by a sudden influx of spam too. I don't use Webmail at all, but somehow the spam is arriving in my default catchall address - which has been blackholed!

I didn't know about everything that was going on and on Sunday (and yesterday) rang customer services to tell them, but it's still happening even though they confirmed both times that my blackhole is operational. Just turned on my pc to find a new bundle of overnight spam addressed to my blackholed default address again.

I wonder if this has anything to do with what's going on?


I suspect they probably are not using just one method. Web mail hack is probably one. But from there they probably got access to the forums. And once in the PN forums you can start gathering a lot of username.

And from that it is very easy to guess some common email addresses (like "postmaster@username.pluis.com").

It is also seems that they have been playing the games of putting in the "TO" the main domain email address (username@username.plus.com) even if the real target (the X-something) was targetting another mailbox (like postmaster).

This would give the impression that the black-hole didn't work. It did work, but they just went around it...
N/A

Very dodgy spam situation [Part 2]

Just a note in case you are on a dial-up product, and unable to contribute to this thread.

There is a thread here which you will be able to post any questions or concerns in.
itchyfeet
Grafter
Posts: 176
Registered: 01-09-2007

Very dodgy spam situation [Part 2]

I feel I can prove that the Plus.net has been hacked into.

I have set up one mailbox, which I have only ever used as a bcc address. (I use this to send myself copies of e-mails when I'm sending e-mails away from home). The only recipient of e-mails with this address visible anywhere in the e-mail is me - so no-one else could possibly have it. I have just started receiving spam to this address (and all my other mailboxes).

I'm confident that the plus.net mailbox list or webmail has been hacked somewhere.
Community Veteran
Posts: 1,160
Thanks: 1
Registered: 01-08-2007

Very dodgy spam situation [Part 2]

No spam with offensive Subject lines since last night and to be honest, apart from those, we haven't had the pattern of spam change from what it usually is (on all valid addresses, on a couple of 'made up' variations which we've had spam to for ages and on random addresses), so I've no idea whether or not our addresses have been compromised by this business.

P.S. I only use webmail to delete spam before it gets downloaded and have only been doing that recently, since my husband started complaining that all he was getting was spam (have now set his Mail program to 'lose' any that does get through into a separate folder). Neither of us has ever used it for sending e-mail.
Plusnet user since November 2003
Currently on Unlimited Fibre Extra and Unlimited UK & Mobile Calls
Community Veteran
Posts: 3,364
Thanks: 15
Registered: 06-04-2007

Very dodgy spam situation [Part 2]

Quote
All of the "from" address I have defined in webmail are being targetted.


Any address in the To: field for messages in the Sent Items folder. Sad

So now I have become responsible for friends/family getting these messages as I use Webmail during the daytime to send/recieve e-mail.

SW.
--
3Mb FTTC
https://portal.plus.net/my.html?action=data_transfer_speed
Community Veteran
Posts: 4,729
Registered: 04-04-2007

Very dodgy spam situation [Part 2]

kreynolds
Grafter
Posts: 433
Registered: 05-04-2007

Very dodgy spam situation [Part 2]

Just realised... Another active PN email address (not ending in kreynoldsdotplusdotcom), a legacy email address from dial up days, I use for web ordering and mailing lists hasn't been spammed. This address has never been used on webmail
StuWard
Grafter
Posts: 113
Registered: 28-08-2007

Very dodgy spam situation [Part 2]

I'm getting heavily spammed too
Started last night
zpeterk
Grafter
Posts: 377
Registered: 14-04-2007

Very dodgy spam situation [Part 2]

I've got loads of spam but my wife who has never used webmail has none of these recent ones