HiI'm hoping someone can helplast year I was able to access my secondary email account via webmail & computer. I received info from virgin about setting app password which I did. Since then I have been unable to access it but still receiving email on my computer.But past few months have been receiving tonnes of spam, which I have been blocking. But received threatening email today FROM my secondary account email address demanding ransom be paid to a bitcoin account?So worried now that my account has been hacked and I've got no way of checking or accessing it?Thank you in advance

This form of threatening communication is a common tactic used by miscreants to extort victims. To improve the likelihood of success the miscreant will deploy a psychological ruse by including information that they have obtained elsewhere to imply truth and/or risk from other things mentioned in the communication. For example, the miscreant may quote an old or current password that the victims uses or used to use.For further advice see Report a phishing attempt | Action FraudFYI you only need the App Password when using an email client, like Thunderbird or similar. For My Virgin Media and Virgin Media Mail (webmail) use either your email address (or third-party email address if recently changed) along with the account password (this is not the App Password).-- I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn moreHave I helped? Select Mark as Helpful Answer or 🖒 Kudos to say thanks

bodiesmum,You may well have already hit the nail on the head when you said in an earlier post "...seemingly sent from...". It is unfortunately all too easy for spammers to spoof display names, so the mail may appear to come from you or your (secondary) account, even if it doesn't. This can happen, as 用心棒 explained if the ougoing email service doesn't validate the sender's email address. If you use Outlook it is very easy to inspect the mail header - right click on the mail header in the list then select message options and by checking the various "from", "reply-to" and "envelope-from" fields in the message header that is displayed it should be possible to tell whether or not the mail really did originate from your account: If any of "from", "return-path" and "envelope-from" are anything but your exact email address (with no addiions) then your address has probably just been spoofed (it happens all the time); if they are all set exactly to your email address then your account may have been hacked.

It is possible because the message is not sent via Virgin Media's email server but another insecure email server that does not validate the “From” address.Consider following the advice here, My Virgin media email has been hacked | Virgin Media Help, to recover access to your email account. If the issue persists post back here to flag to forum team.

Thank you for replying however the email is seemingly being sent FROM my email TO my email? How is that possible?Also I needed to use the app password with my email my client but that's not working now either.I used to be able access the secondary account via webmail but even if I request a password reset it's just saying unable to verify email/password

Hi thank you again.I have tried all of the suggestions on that page but it's still not recognised.☹️

Secondary account gone plus bitcoin threat/hack? | Virgin Media Community

15 Replies

用心棒
Very Insightful Person
2 years ago
This form of threatening communication is a common tactic used by miscreants to extort victims. To improve the likelihood of success the miscreant will deploy a psychological ruse by including information that they have obtained elsewhere to imply truth and/or risk from other things mentioned in the communication. For example, the miscreant may quote an old or current password that the victims uses or used to use.
For further advice see Report a phishing attempt | Action Fraud
FYI you only need the App Password when using an email client, like Thunderbird or similar. For My Virgin Media and Virgin Media Mail (webmail) use either your email address (or third-party email address if recently changed) along with the account password (this is not the App Password).
--
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Select Mark as Helpful Answer or 🖒 Kudos to say thanks
- bodiesmum
  Tuning in
  2 years ago
  Thank you for replying however the email is seemingly being sent FROM my email TO my email? How is that possible?
  Also I needed to use the app password with my email my client but that's not working now either.
  I used to be able access the secondary account via webmail but even if I request a password reset it's just saying unable to verify email/password
用心棒
Very Insightful Person
2 years ago
It is possible because the message is not sent via Virgin Media's email server but another insecure email server that does not validate the “From” address.
Consider following the advice here, My Virgin media email has been hacked | Virgin Media Help, to recover access to your email account. If the issue persists post back here to flag to forum team.
- bodiesmum
  Tuning in
  2 years ago
  Hi thank you again.
  I have tried all of the suggestions on that page but it's still not recognised.☹️
  - Matthew_ML
    Forum Team
    2 years ago
    Hey bodiesmum, thank you for reaching out and I am so sorry to hear about this.
    
    So you can still access the emails however you are getting a lot of spam?
    
    Or it only on certain websites you can log in?
davidas99
On our wavelength
2 years ago
bodiesmum,
You may well have already hit the nail on the head when you said in an earlier post "...seemingly sent from...". It is unfortunately all too easy for spammers to spoof display names, so the mail may appear to come from you or your (secondary) account, even if it doesn't. This can happen, as 用心棒 explained if the ougoing email service doesn't validate the sender's email address. If you use Outlook it is very easy to inspect the mail header - right click on the mail header in the list then select message options and by checking the various "from", "reply-to" and "envelope-from" fields in the message header that is displayed it should be possible to tell whether or not the mail really did originate from your account: If any of "from", "return-path" and "envelope-from" are anything but your exact email address (with no addiions) then your address has probably just been spoofed (it happens all the time); if they are all set exactly to your email address then your account may have been hacked.
coenoby
Very Insightful Person
2 years ago
bodiesmum wrote:
I received info from virgin about setting app password which I did. Since then I have been unable to access it but still receiving email on my computer.
When you set up the mail app password for your VM account did you have to specify a non VM email address (perhaps a Gmail or Outlook address)? That would have been the email account that received the verification email from VM for your password change .
If you did specify a non VM email address as part of that process then that email address will become the username for your VM webmail and My Virgin Media accounts.
So when you sign into VM webmail you need to enter that non VM email address (not your VM address) as the username together with the VM password. Your VM email address will remain unchanged.
Confusingly, the email settings in your email client will remain unchanged, so the username field in Outlook should stay as your VM email address.
By the way, emails such as the threatening email you have received have been doing the rounds for years. They are simply scams not hacks. As others have said, the scammers simply spoof (fake) the sender's address. They do that to scare your into believing that they have access to your account so you will pay the ransom they demand.
Coenoby

Forum Discussion

Secondary account gone plus bitcoin threat/hack?

15 Replies

Related Content

Problem accessing SECONDARY email accounts

Change secondary account to primary account

Hacked Secondary Account

Secondary ntlworld.com account

Secondary email account - imap/smtp failure