Hack or phish
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- :
- Re: Hack or phish
Hack or phish
18-10-2020 5:21 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
On 29 Sept 20 I received an email saying I'd been hacked. It showed my email address at the top but there was no corresponding sender address. It claimed to have my password (an old one) and threatened to bombard my contact list with nasties if I didn't pay USD300 using bitcoins. It also said that they had installed malware on my computer. Should I change my email address?
Re: Hack or phish
18-10-2020 5:25 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I get the odd one or two like that, @Wardio2 . My advice, FWIW, is to ignore it.
It is a pure scam, and they haven't installed malware, and hasn't got your contact list, either.
Re: Hack or phish
18-10-2020 6:11 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
What is your email provider? Two of my friends, one with .btconnect and one .btinternet, have recently had scam emails. The BT Yahoo system was plagued with scams/hacks for years, don't know whether it still has problems as I quit when BT began charging for it about 2013. I'd agree that you shouldn't worry, scammer has acquired your addy and is just trying it on.
Re: Hack or phish
18-10-2020 9:28 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: Hack or phish
19-10-2020 11:32 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Thanks guys. Really appreciate your advice!
Re: Hack or phish
20-10-2020 11:08 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Hi Wardio2
The advise you have been given is 100% sound
I suggest if you have an email account which has the option of two-factor authentication if so I would set it up
I had as Longliner said a btinternet.com email address which was hacked so I changed to a gmail email account which I find excellent ( I know they read your emails but as I don't do anything out of the ordinary good luck to them ) it has two-factor authentication and details of account activity so you can actually see when the account was last accessed and by whom
HD
Re: Hack or phish
20-10-2020 3:13 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
@Wardio2 wrote:
On 29 Sept 20 I received an email saying I'd been hacked. It showed my email address at the top but there was no corresponding sender address. It claimed to have my password (an old one)...
Now that is a little more worrying, you imply that the password was at sometime a valid password. Have you ever used that email address / password combination anywhere other than for access your email?
If they have your email address and a valid password, it implies that somewhere you have used that email / password combination and they have leaked their data. It you have only used it for access to your email, then your email service might have been hacked. If you use the same email address / password combination for lots of services (Netflix, Amazon, eBay etc) then you are laying yourself open to widespread risk / abuse.
NEVER use the same email address / password combination across multiple services. When signing up for on-line services which ask for user name (email address) and password, some people misguidedly use the email address and the password for that mailbox. If that third party gets hacked...
- Your email box becomes vulnerable
- If you use that combination everywhere, those services also become vulnerable
By reference to "(an old one)" you imply that you have changed the password on the mailbox. You should also change the password on any other service account which used that same old password ... and use different passwords for different services. Alternatively use a DIFFERENT email address for each service provider, using the same password or one of a small list of passwords.
If you turn on CATCH-ALL in your email settings, an email sent to anything@youraccount.plus.com will be caught by the default mailbox.
There are different points of view about the use of catch-all - some claim it leaves you open to receiving a spectrum of incorrectly addressed emails. Personally I feel that is a far lower security issue than using the same email address for all of the suppliers you do business with. I use a different email address for every supplier - if I then end up in the position you are in, I would soon know which database had been hacked, for the email address would point me to the supplier.
Such has enabled me to chase at least 3 data breaches with the service provider over the years. It can also identify where suppliers share data - I discovered that Virgin Rail and Trainline were freely exchanging data between themselves.
In another browser tab, login into the Plusnet user portal BEFORE clicking the fault & ticket links
Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.
If this post helped, please click the Thumbs Up and if it fixed your issue, please click the This fixed my problem green button below.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page