cancel
Showing results for 
Search instead for 
Did you mean: 

Urgent - Account password compromised, unable to change it

FIXED
Eric355
Hooked
Posts: 6
Thanks: 2
Registered: ‎02-03-2018

Urgent - Account password compromised, unable to change it

I've just called the Plusnet 'support' line to hear a message saying wait times are approximately 60 minutes!!

A couple of days ago I received one of those fairly common emails written in broken English stating I had been videoed while watching porn and asking me to send money.  However, this one was different: the subject line included my Plusnet account logon password and the opening to the email repeated it stating the sender was aware of one of my passwords.

I've now tried changing this password several times using the URL https://portal.plus.net/my.html?action=change_password&s=0. I've used Firefox on Linux and Windows 7 and Chrome on Windows 7. In every case clicking on 'Change Password' returns me to the same page with no indication of whether the updated has succeeded or failed.  In every case the password has not changed.

The on-line help and support menu options do not appear to include any guidance on changing account or email passwords.

Please advise as a matter of urgency how I change my account password.

I have only every used the password quoted for my Plusnet account logon so I can be certain of its source.  I have only ever used it when setting up my router or logging into the Plusnet portal.  I therefore suggest you carry out some checks to establish whether there has been a compromise of your servers.

Tags (1)
7 REPLIES 7
deank
Plusnet Alumni (retired)
Plusnet Alumni (retired)
Posts: 325
Fixes: 14
Registered: ‎23-11-2017

Re: Urgent - Account password compromised, unable to change it

Fix

Have you ever used the password on any other website before? If not, I would recommend running a complete scan of your system, as it's most likely a keylogger that has caught the password. If this is installed on your system, it could catch other user name and passwords that you enter as well.

 

You can also try the forgotten password option to see if this forces a password through. If not, then unfortunately you will need to speak with our support team over the phone as we cannot reset details through the forums.

Eric355
Hooked
Posts: 6
Thanks: 2
Registered: ‎02-03-2018

Re: Urgent - Account password compromised, unable to change it

Hi Dean,

Many thanks - the 'forgotton password' link worked.  It might be worth PlusNet looking into why the normal password reset page doesn't appear to work.

As far as I am aware I have not used my PlusNet account password anywhere else. I have no evidence any of my other passwords have been compromised, so I am not convinced I have a keylogger issue. I do most of my 'system admin' type work on a Linux laptop which I tend to rebuild fairly frequently to try out new distros.

The email was also sent to a Plusnet email inbox I use very infrequently.

Regards
Eric

Alex
Community Veteran
Posts: 5,477
Thanks: 908
Fixes: 12
Registered: ‎05-04-2007

Re: Urgent - Account password compromised, unable to change it

Hi Eric,

It's important you do a scan of your system, as it sounds to me as if a keylogger is installed which is targeting PlusNet logins and no doubt other sites.

I don't really use AV software (yes I know I should), but let us know what you're using (e.g. PC or Mac) and am I sure someone here can give some advice on good software they use.

Eric355
Hooked
Posts: 6
Thanks: 2
Registered: ‎02-03-2018

Re: Urgent - Account password compromised, unable to change it

Hi Alex,

On my Windows 7 laptop I run the Plusnet provided McAfee AV.  I'm going to install a SSD next week and I'll do a fresh install.

My Linux laptop (Mint 18) was a fresh build only a few week's ago.  I don't have AV on this machine.

Regards
Eric

 

corringham
All Star
Posts: 709
Thanks: 360
Fixes: 9
Registered: ‎25-09-2015

Re: Urgent - Account password compromised, unable to change it

@Eric355, most people use passwords on more than one site, even when they think they haven't. There have been lots of major hacks where hundreds of millions of email addresses and passwords have been stolen. Many addresses & passwords used in the porm scam e-mails are from hacks 5+ years ago (e.g. LastFM)

I recommend you go to the website https://haveibeenpwned.com/ and put your e-mail address(s) in - it won't tell you your passwords, but will tell you whether your e-mail has appeared with password on any "dark web" sites where they are sold by hackers. I'm in there a few times!

There is also a section where you can put a password in - it will tell you whether that password has ever appeared in the lists for any account - so not necessarily anything to do with you. None of my current passwords appear in the list of half a billion which is reassuring.

Eric355
Hooked
Posts: 6
Thanks: 2
Registered: ‎02-03-2018

Re: Urgent - Account password compromised, unable to change it

Thanks for the link to the website.  I have used it before to check my email addresses (which are on there) but hadn't spotted the password check.  None of my current passwords that I've checked appear, but the one I had used for Plusnet is listed. 

I agree I may have used it some time ago for another site, not that I can recall doing so and I am quiet certain I haven't done so for a number of years.

 

Gandalf
Plusnet Help Team
Plusnet Help Team
Posts: 25,367
Thanks: 9,242
Fixes: 1,481
Registered: ‎21-04-2017

Re: Urgent - Account password compromised, unable to change it

Glad to hear that you've managed to change your password.

The issue with the change password tool is logged internally with our incident management team under ref IMT-3068.

If this post resolved your issue please click the 'This fixed my problem' button
 Anoush Mortazavi
 Plusnet Help Team