cancel
Showing results for 
Search instead for 
Did you mean: 

Another NTLworld email hacked

JonBee
Tuning in

I am suffering from a what seems to be a common problem. I have left my primary NTLWorld email pretty much untouched for years now, only checking it now and then. I should have updated the password to something more secure earlier. It now seems that a hacker has gained access to it and has managed to use it to make postings on my eBay account (That's another story and something that I am liaising with eBay about). I have been able to log into my Virginmedia account and change my password, but the hacker still appears to be able to access this email address and move messages received from eBay to the deleted items folder. I think I might have read that other programmes other than webmail will not be knocked out of an NTL email account by a password change? Is there anything else that can be done to stop this unauthorised access? I'd delete the email address entirely if it were possible. Thanks

1 ACCEPTED SOLUTION

Accepted Solutions

coenoby
Very Insightful Person
Very Insightful Person

@JonBee wrote:

"I I think I might have read that other programmes other than webmail will not be knocked out of an NTL email account by a password change? Is there anything else that can be done to stop this unauthorised access?"

I think you may be referring to the fact that the hacker may not be affected by a password change if they already have a webmail session of your email account open.

The only thing you can do to mitigate against that is to update the automatic sign out period for your webmail account  to 5 minutes by following steps 1 - 3 below:as below:

Automatic sign out.png

While you are at it, I would also reset the "password recovery question" for that email account. The option to do that is just below the password edit option on the Account Details page of the "My Virgin Media" account.

"I'd delete the email address entirely if it were possible. "

That would indeed be a good option but  sadly the Primary email account address for a VM broadband account is effectively "baked" into the Virgin Media system so it cannot be deleted. As far as I am aware that is how it has always been.

However, in May last year VM stopped  issuing new email accounts to customers and although VM still support the email accounts of existing customers, the whole future of the VM email service is unclear. Since May 2022 VM appear to have been making changes to their systems. For example new VM customers have to use their own third party email addresses as their Primary address to register with VM.  Also, you can no longer reset passwords for secondary email accounts from the Primary "My Virgin Media" account because each secondary account now has its own "My Virgin Media" account.

I have not seen any information that suggests they have made any changes that would allow Primary VM email accounts to be deleted but the Forum Team (VM staff who support this forum) will be able to confirm the position on that. One of them will contact you via this forum in a day or so.

Coenoby

 


 

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media.

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

See where this Helpful Answer was posted

8 REPLIES 8

coenoby
Very Insightful Person
Very Insightful Person

@JonBee wrote:

"I I think I might have read that other programmes other than webmail will not be knocked out of an NTL email account by a password change? Is there anything else that can be done to stop this unauthorised access?"

I think you may be referring to the fact that the hacker may not be affected by a password change if they already have a webmail session of your email account open.

The only thing you can do to mitigate against that is to update the automatic sign out period for your webmail account  to 5 minutes by following steps 1 - 3 below:as below:

Automatic sign out.png

While you are at it, I would also reset the "password recovery question" for that email account. The option to do that is just below the password edit option on the Account Details page of the "My Virgin Media" account.

"I'd delete the email address entirely if it were possible. "

That would indeed be a good option but  sadly the Primary email account address for a VM broadband account is effectively "baked" into the Virgin Media system so it cannot be deleted. As far as I am aware that is how it has always been.

However, in May last year VM stopped  issuing new email accounts to customers and although VM still support the email accounts of existing customers, the whole future of the VM email service is unclear. Since May 2022 VM appear to have been making changes to their systems. For example new VM customers have to use their own third party email addresses as their Primary address to register with VM.  Also, you can no longer reset passwords for secondary email accounts from the Primary "My Virgin Media" account because each secondary account now has its own "My Virgin Media" account.

I have not seen any information that suggests they have made any changes that would allow Primary VM email accounts to be deleted but the Forum Team (VM staff who support this forum) will be able to confirm the position on that. One of them will contact you via this forum in a day or so.

Coenoby

 


 

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media.

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Thanks, your advice is reassuring as I took the steps that you suggest in a frenzy of trying all I could think of to secure my account yesterday. Hopefully I will have foiled the hacker. I had assumed that it is apps such as Outlook etc., rather than webmail logins, that would continue to be logged in to the account without being updated after a password change. Hopefully they are logged out too? 

Thanks again for your helpful advice 🙂 

coenoby
Very Insightful Person
Very Insightful Person

@JonBee wrote:

 I had assumed that it is apps such as Outlook etc., rather than webmail logins, that would continue to be logged in to the account without being


Once you have changed the email password, email apps and clients such as Outlook will continue to have the old password in their settings. That means they will report errors when attempting to send,  receive or delete emails for that account so email apps should not be a problem.

However, if the hacker can discover the new password obviously they would be able to update the settings in Outlook.

Looking back at your first post and seeing that you specifically mention the hacker being able to delete eBay emails makes me realise there is something else I should have suggested in my first post.

Hackers often  set up filter rules in the hacked account to delete or autoforward specific emails to hide their activities. Once they have done that the rules remain in operation until you delete them.

Check whether they have done that by the signing into your webmail account and following these steps. If there are any rules or an autoforward you do not recognise you can disable them or preferably, delete them completely:

delete filter rules.png

Hope that makes sense.

Coenoby

 

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media.

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Thanks again. I really appreciate the thought that you have given to my situation and questions. I'll rest assured that the hacker will no longer be able to get into my account regardless of the platform being used following my password changes and other actions as you described (although I don't think I'll be able to resist making daily password changes for a while.....).

I appreciate your point regarding the forwarding rules. I did notice that one had been set and I removed it yesterday. I now keep checking regularly to make sure they haven't been re-set. So far so good on that front.

Best wishes

 

 

coenoby
Very Insightful Person
Very Insightful Person

@JonBee wrote:

I appreciate your point regarding the forwarding rules. I did notice that one had been set and I removed it yesterday. I now keep checking regularly to make sure they haven't been re-set. So far so good on that front.


Good to hear that you seem to have got on top of this. Hopefully you won't see any further hacking issues.

Do bear in mind though that VM email is by no means the most secure of email services. You might consider moving over to a more secure email service, for example one offering 2 factor authentication. There are lots of excellent options out there https://www.lifewire.com/best-free-email-accounts 

I know it's a pain updating all your online accounts to your new address but you will be a lot safer from hackers.😉

Coenoby


 

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media.

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Haha! Yes 😄 

I have been using Fastmail.com for some time now. Over the last couple of days I've been busy changing all of my website logins to that email so that I can truly put my NTL email into complete retirement. Not a quick job but worth it.......

Bikerdave
On our wavelength

Hi Coenoby

I have discovered a rule set up in my web mail as described by you in this post. The hacker targeted a certain email header that I don't wish to disclose on here for obvious reasons. Your ref to 'poor' security levels on VM is a concern to me, no 2 step etc and extremely likely not to get it either. When I deleted the rule I also added the forwarding email they had set to the blocked list, this then displayed the word  Blacklist in the box under add new rule. I deleted the blocked email and it went away. Is this correct or would I be better to delete any trace of the email address from my system?

 

Hi Bikerdave, 

Thanks for taking the time to post about your issues in the Community.

We're sorry to hear your email was hacked and they changed a number of things including setting up some mail forwarding. 

Hopefully by now, as well as deleting the rules, you've also been able to change your password. There is some practical advice here.

Please let us know if you have any further issues. 

Many thanks, 

Kath_F
Forum Team

New around here? Check out the do's and don'ts, in our Community FAQs