My virgin.net keeps sending spam emails and each morning I get a load of delivery notification emails saying they can't be delivered. I've removed access to the account from my older devices and only access my account using a new clean device via the Internet rather than the device itself but emails are still being sent. It looks like the virus is with the virgin account itself. Am I being stupid or is anyone else impacted by this?
It is not a virus on your computer. It is a problem shared by thousands of other Virgin Media customers - as a quick look on this forum will show you. Just look for the word 'spoofing', because that is what is happening to you. Spammers are sending junk and virus links to people and making it look like it came from your email account. Virgin will try and tell you that the problem has come about because of your poor security, but the truth is that it has happened because of the poor security of Virgin Media with your email data - but don't expect them to admit that.
There is even a Facebook group with hundreds of members who are also victims of this problem. The bad news is that once it's started, there is nothing you can do to stop it - not even deleting the email account will stop it.
1) If you look inside the delivery notification messages, and look at the email addresses to which the message could not be delivered, are those email addresses known to you? Are they the addresses of friends, family, colleagues and businesses with which you have corresponded in the past?
3) Has anyone you know reported that they have received an odd message which appears to be from you, a short email message containing a link and encouraging them to click on the link?
Beginning in August 2015, there are about 540 known cases of Virgin Media email accounts where spammers have accessed the email account, stolen all of the email addresses in the account, and then send spoofed spam messages to these stolen addresses. The rounds of spam are chronic, being delivered at irregular intervals every few weeks and have continued for months.
Alright then. We recognize that problem and have some good specific ideas of what to do based on the experience of several hundred other Virgin Media customers with the same problem since August 2015.
Change your email password and your security question in order to reduce the likelihood that the spammers who have been able to steal all of the email addresses in your account can read the account again. Make the password a strong one, that does not contain words in any language. For example, think of a phrase you will easily remember and take the first letter of each word and put a number in somewhere as well. The phrase "Sergeant Pepper's Lonely Hearts" Club Band 1967" would become the password SPLHCB1967.
If you have been using the password on your email account for any other web sites, change the password there too to make it very different from your email password.
Scan your computer and any mobile devices for viruses and malware, for example, by using the free Malwarebytes program, https://www.malwarebytes.com. Hundreds of people with this problem in many different countries have scanned their computers and mobile devices with a wide variety of anti-virus programs since August 2015 and so far have not found any particular problems. Nevertheless, it is worth doing.
Here is what we expect to continue to happen based on our experience so far. At irregular intervals, typically of weeks to months, these spammers will send chatty little email messages containing a link to a large numbers or all of the email addresses which they found inside your email account. Those will be email addresses of your friends and family and business contacts. Since they have obtained every email address in every email message, some of these addresses might be years old, or addresses to which you have never written. The spammers will have picked up email addresses on the CC line of emails that other's sent to you. For example, in one case, a grandmother wrote to her granddaughter and copied several of her friends on the message. The granddaughter did not know the grandmother's friends, nevertheless, the spammers picked up those addresses while they were "collecting".
Frequently, but not always, the spam messages sent from computers around the world will have your display name and email address attached as a false email address, known as spoofing. In other words, at first glance, the spam emails will look as if they have been sent from you. This is likely to confuse your correspondents and when it happens over and over again, embarrass you since it either makes it look as if you are sending frivolous spam or are not in control of the security of your email account. At other times the display name or false from address on the spam will be a random address which is present in the account. So for example, spam messages which look as if they are from your boss might be delivered to everyone you know.
Eventually since these spam messages will continue for months, they will do damage to your personal and professional relationships. Also the large volume of messages letting you know about emails which you did not send will clog up your email account making it difficult to see the real email amongst these backscatter messages.
Here is the heart of the problem though. Particular spammers who are specialists in fraud now have a list of all of the email addresses which were inside your email account. That may include the email addresses of many businesses with which you have financial dealings. Our experience shows that they are saving and storing this collection of email addresses and the associated display names for months. This means that they know a great deal about your connections to other people. We also don't know how they entered your account and so cannot rule out the possibility that they can do so again. We also cannot rule out the possibility that they are storing all of the email which was in your account. As a result, anyone with this problem is vulnerable to fraud and identity theft.
I suggest that you immediately create a new Google email account. It has protections against spam and spoofing and unauthorized account access which Virgin Media accounts do not. Do not give the Virgin Media address as the recovery address for the new account. Turn two-step verification so that you know that even if the password is discovered, that you are the only one who can get into the account. Make a list of all of your correspondents and let them know the new address. Change your contact address with all businesses. Once you have done that it can be helpful to put an out-of-office auto-reply response on the Virgin Media account, something like this "This email account has been hijacked by spammers who are periodically sending spam email to every email address found in the account. If you receive spam which appears to come from me, know that I did not send it, the address was spoofed. To help combat this problem, please forward the spam to the Federal Trade Commission at firstname.lastname@example.org. Please also create a filter to delete all future emails from this address."
This is a pernicious problem affecting hundreds of people with Virgin Media accounts, as well as others with TalkTalk accounts and accounts provided by several other email providers in a number of countries. You can read more here,