Forum Discussion

Psyzor's avatar
Psyzor
Tuning in
10 months ago

Getting threating emails from myself

My email account got hacked a few months back thanks to ntl's old rubbish password requirements not allowing me to have a strong password. The email went on about having easily hacked my account, even going to provide my log in details to prove it, and then threaten to release videos they totally had of me by hacking my web cam etc (Which I don't ever have plugged in).
Needless to say I did everything I could to boot them out. Changed my passwords to much more secure passwords now that the requirements were decent. I checked all my rules and there were none there. Checked forwarding and nothing. I even changed the app password and the email I used for logging onto my account.
I still seem to be getting emails from these hackers using my email and I'm confused as to how. I checked the headers etc to see if it was a spoof but as far as I can tell it's not.
Virgin Media doesn't seem to have any way of contacting someone on their support team about email so I am forced to post on here. If anyone from Virgin Media sees this please get in contact so that we can get to the bottom of this. I'd be quite happy just to have you push a button and kick out all sessions so I know that no one else has access still. Not that I think they have much access otherwise I feel they'd be doing a lot more damage rather than threats they aren't going ahead with.

  • Client62's avatar
    Client62
    Alessandro Volta

    By using a script to create an email, it is very easy to send a scam email
    that arrives with the From: and To: both having the same (in this case your) email address.

    Often there is an extortion attempt involving payment in Bitcoin or similar.
    Usually the scammer has sent thousands of similar emails in the hopes of catching folks off guard.

    • Psyzor's avatar
      Psyzor
      Tuning in

      The thing that got me the most was them putting my actual log in credentials into the email meaning they had actually, at least, got my details to log into my email account. Just wanted to make sure they didn't have some lingering door into my email.

  • 用心棒's avatar
    用心棒
    Very Insightful Person

    The miscreants were never there to be “booted out”, see Sextortion emails: how to protect yourself | Action Fraud.

    Are these extortion emails received in your Inbox folder or Spam folder? If it is the:

    FYI: should you wish to investigate where these email originated then consider using an Email Header Analyser service, for example Email Header Analyzer, RFC822 Parser - MxToolbox

    -- 
    I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
    Have I helped? Select Mark as Helpful Answer or 🖒 Kudos to say thanks

    • Psyzor's avatar
      Psyzor
      Tuning in

      Thanks for the info. The emails are coming into my Spam but it would be nice to just block them, but I'm guessing that won't be possible.

      I checked it against the Header Analyzer and it wasn't happy with it in the following areas:

      - Problem Icon DMARC Compliant
      - Problem Icon SPF Alignment
      - Problem Icon SPF Authenticated
      - Problem Icon DKIM Alignment
      - Problem Icon DKIM Authenticated

      Not sure what that means but I'm guessing it means that it is indeed a spoof email address and that makes me feel a lot better. As I said I didn't think they had proper access to it otherwise they'd be doing a lot more damage but always nice to be reassured of these things.

  • Client62's avatar
    Client62
    Alessandro Volta

    Are you saying the current ( i.e. more secure password ) credentials were in the scam email ?

    If yes, are you using an email client app on a mobile and / or email software on a laptop / PC
    without using encryption on both the inbound and out bound server settings ?

    • Psyzor's avatar
      Psyzor
      Tuning in

      No it was my original, insecure, password that they keep mentioning. There has been no mention of my newer, more secure credentials.

      • Daniel_Et's avatar
        Daniel_Et
        Forum Team

        Hi Psyzor, thank you for your posts.

        We're sorry to hear about what's happened 😔

        In order to look into this for you, we'll send you a private message on here. Look out for the envelope in the top right-hand corner.

        If you're on a portable device with a smaller screen, click on the icon in the top right-hand corner and select "messages" from the additional menu options.

        Thank you for your support Client62 and 用心棒 👍

        Regards,
        Daniel