@Baldrick1 Have you seen @MatthewWheeler 's response?😉

@jab1 

Yep, posts that cross again! Cheers.

---

@Baldrick1 wrote:

 

If I get a phishing email on any email address then I drop that address. It's a pain but in my view is better than having to constantly delete phishing emails.

 

 

---

Actually I would suggest that it is pure sanity!

I use a unique email address (alias) for each organisation I communicate with.  If their system (that email address) becomes compromised, I can change that one email address and kill of the abuse without needing to change my whole email identity with everyone else.

Such a strategy also identifies who sells contact information.

Off topic: The ability to have unlimited email addresses with PlusNet's email platform is one of the things which makes it so great, compared to having a Gmail, Yahoo or Outlook single email address.  The only features missing from the Plusnet service are auto-response and auto-forwarding on a 'real' mailbox.

I apologise to all but I had to go out for a few hours - I got called out to look after one of my grandchildren. That's what happens when you have retired.

Now to catch up. PlusNet have confirmed their emails were genuine, so the question now is what to do about it, if anything.

I don't see how changing any of my passwords will affect my receiving iffy emails, particularly as I use MW to check them before I download them to my pc. The sender wont need to know my passwords to send emails to me and get them that far through the system, so why do anything? Controlling who gets my email address is only good so far as people who should have it keep it to themselves.

My advice, FWIW, @penneck , is do nothing. as you say this was incoming (presumably spam) mail that didn't even get as far as MW.

EDIT Without knowing the full context of the PN message, I'm a little confused as to why yhey are suggesting changing your password will prevent INCOMING mail.

Thanks for getting back to us @penneck

The issue is that we've noticed your account has been logged into from 4 different foreign IP addresses hence the advice to change your password as we believe your account may be compromised

If this post resolved your issue please click the 'This fixed my problem' button

Matthew Wheeler  Plusnet Help Team

@MatthewWheeler Thanks for that info - I've been barking up the wrong tree, thinking along the lines of virus/spyware carrying mail caught by the incoming AV checks.

I've admitted my mistake.😁

The initial post threw me, but I was coming to that conclusion myself, @Townman . Next time, I'll stay quiet until things become clearer - or stay out altogether.

@Townman 

I agree, we have all been going off half [-Censored-] This is what threw me:

---

@penneck wrote:

Last night I received a couple of identical emails, supposedly from PlusNet, that my Inbox had received at least 4 emails in an hour from foreign parts. 

---

If the OP read that, the account had been accessed from abroad four times then it would have thrown a completely different light on the issue.

Presumably if @penneck  is logging into the account via a VPN then this could be the cause?

Sorry for the delay - that grandchild again. Have just got back. Thanks everyone for all your help and patience. Unfortunately, tomorrow is going to be worse for me having to be away - not back until about 3 pm.

Originally, all I asked was for PlusNet to confirm they had sent the emails. They have done so.

Both emails only talked about my secondary email address (assuming postmaster@etc is my primary email address - is that correct?).

As far as I know I don't use a VPN - what is a VPN?

If I change my PlusNet account password, will that solve this problem?

I understand changing the account password automatically changes any password that my postmaster address uses - is that correct?

If the postmaster address has a password, then the secondary address will have a password - is that correct?

Is there a knock-on to other places? This question doesn't include Mailwasher or Firefox - I've assumed they are affected by the above.

My PlusNet account has a third email address for my wife's emails. My Mailwasher and Firefox pick up the emails for postmaster and my secondary address onto my pc. My wife has her own pc where her Mailwasher and whatever she uses for emails picks up only those emails addressed to her. Could the problem have been caused by her email system? My pc is hard-wired to the modem, my wife's pc is connected to the same modem via the wireless link.

Hi @penneck,

A VPN is a "Virtual Private Network" and can be used for a multitude of reasons, such as allowing you to connect with a foreign IP Address. In this case, as you've been unaware as to what a VPN is, the foreign IP Address logins suggest that your account may have been compromised. As such. we'd advise that you change your password as soon as possible.

If this post resolved your issue please click the 'This fixed my problem' button

Alex H  Plusnet Help Team

@penneck 

If it is the secondary email address then only the password on that mailbox needs to be changed.  In that case the main account password (if it is different!!) does not NEED to change, though you might wish to do so.

If that is your "usual" email address which you have used to register with other services - for example Netflix, Amazon, Ebay - and you have used the SAME PASSWORD then it is IMPERATIVE that you also change the password on those service accounts as well.  This is nothing to do with Plusnet, but about protecting your other services and associated payment arrangements.

If you receive any 'unexpected' order 'issue' emails from Amazon etc, then DO NOT click links in the emails, go to the direct to their web sites direct and log into your account there.  A link in an email could be taking you to a spoofed site.

@jab1 

"Barking up the wrong tree" was not "aimed" at you … we all got focussed on the merits or otherwise of these email being scams / spam, whereas they (now being shown to be legitimate) have a more sinister portend than the emails themselves being malisicious.

If @penneck has used the one email address as their userID on a multitude of services using the SAME PASSWORD as that for the email account itself, then they may be exceedingly vulnerable to widespread fraud elsewhere.

Sorry if you felt barking up the wrong tree was aimed at you and came across as harsh - the message I wanted to convey is the risk that the email address / box issues might be the least of @penneck 's issues.  In their situation I would be worrying about where else I had used the same email address and password.

This is worth a listen - https://www.bbc.co.uk/programmes/m000bnbn - from Wednesday R4 You & Yours - An investigation into why some former Netflix users have had accounts reactivated months after cancelling.

The evidence suggests that someone's email address and password had become compromised … then the criminals use those credentials in an attempt to access the commonly used services using the same credentials … knowing that many people use one email address and one password.

The advice to make good use of PlusNet's unlimited email addresses (via catchall or aliases) and give a unique address to each company remains sound advice.

The monitoring of odd behaviour by PN in this profile of issue is invaluable - without it @penneck might have been totally unaware that there is a potential of an expensive issue.  There might be nothing to worry about here, but better safe rather than sorry.

@penneck 

"My PlusNet account has a third email address for my wife's emails. My Mailwasher and Firefox pick up the emails for postmaster and my secondary address onto my pc. My wife has her own pc where her Mailwasher and whatever she uses for emails picks up only those emails addressed to her. Could the problem have been caused by her email system? My pc is hard-wired to the modem, my wife's pc is connected to the same modem via the wireless link."

This has nothing to do with mailwasher, your PC, you wife's PC mail box or anything like that.

Plusnet have adised you that there has been suspicious activity of your XXXX being logged into from multiple overseas IP addresses is a short timeframe.

If XXXX referes to your MAIN email account or your USER account then you need to change the password for the main account.  That will change the passoerd you use to log into the portal, your postmaster mailbox (impacts mailwasher) and the password used by your router.

If XXX refers a secondary mailbox than only that mailbox is impacted in respect of Plusnet.  However as per the above reponse if you used that email address and the same password with other service providers then they too are potentinally at risk of being abused.

I hope that clarifies things for you?