As my Sent box is empty and I have found another sent folder tucked away in the hidden depths of the folders ~ with legitimate sent emails and none other, I am wondering where these emails are lurking, most definitely not from me, nor from my PC ... no I shan't be parting with any cash for their proposed fixer uppers
I too have had a letter from Virgin this morning saying that my email address is sending spam, this confirms what I was experiencing about 10 days ago when I started to receive a large number of Mail Delivery System failure messages from recipients that I had not sent emails to.
Upon investigation it would appear that it was only my address that was being spoofed and not that my account had been hacked as there were no indications of any sent mail from my address to the recipients concerned and when examining the details of the Mail Delivery System failure messages there was no indication that the spam emails had originated from the Virgin media mail servers.
This is apparently not an uncommon practice and I feel that Virgin are correct in advising its customers of the spam that is seemingly originating from their account.
I too have had this letter, and I know that my equipment has not been compromised, I run a full Virus scan everyday using "Trend Micro Internet security" and once a week a full scan using "Malwarebytes".
However I have taken the advise in the letter and changed the password, and security question on the account in question, just to be on the safe side.
I also think as a poster above said that this is a case of email spoofing.
I received the same letter this morning and am disgusted that Virgin is implying the problem is that my machine(s) has / have been compromised.
Just out of interest I have just run a complete sweep of my machines with my existing anti-virus protection and 2 other anti-virus options. One of which is the Virgin recommended F-Secure and they are as clean as a new pin.
I am sorry you received this letter it must be quite worrying, we do have a bit more information with these type of things however we tend not to put them in the letter for data protection reasons.
I will tell you a bit more to try and do my best to help. Your primary ntlworld email addresses sent a batch of spam emails on the 10th of November. From our SMTP logs we see that an authenticated login occurred originating from a Serbia IP address. I'm guessing that is not you, so perhaps someone has guessed your password or harvested it from one of your CPE devices being infected. We honestly sent the letter with the best of intentions to notify you and to do our best to help.
If you have not done so already it may be worth considering changing your email passwords, we have some more advice here. As the virus scan of your devices shows nothing hopefully it was just a case of the email password being guessed.
Many thanks for your explanation and the additional information and you are correct I did not Holiday in Serbia and send numerous SPAM emails
Could you please explain why, when the primary mailbox received the first load of 'undeliverable' replies in September you say the SPAM was not sent until November? Followed by a second email address on the same account just after that account was switched to the new Virgin media email platform but we have not received notification of this second account sending SPAM emails nor was it included on the letter recently received.
Since I doubt these 'undeliverable' messages would have been filtered out on the original Google platform and having found nothing on any CPE I can only assume one of the following has occurred:
1) The password, despite being alpha numeric, was 'guessed' quite some feat requiring an amount of time not usually devoted to anything other than hacking into something more interesting than an individual's email account.
2) A virgin mail server itself was compromised in the transition from the Google platform to the new Virgin media platform.
3) Cross mailbox contamination somehow occurred in the transition from the Google platform to the new Virgin media platform which has infected our email account(s)
Following the second bath of 'undeliverable' messages to the primary account the password was changed, this was prior to receiving your letter of notification so hopefully everything will now be OK but it still does explain how this has occurred.
Is it possible for you to send or make available for download the SMTP logs for all email accounts on this Virgin account so that I can cross reference 'undeliverable' receipts against the SMTP log. In case of data protection issues these can be sent (or notification of the download link) to the primary email account, since this account is not the primary email account.