Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are Blueyonder Email Accounts being hacked

Rudders60
On our wavelength

2 weeks ago

I don't regularly monitor my Blueyonder account as it is no longer used but kept for historical emails.
On Wednesday 10th April I received a threatening email saying my email/password has been compromised and stating my password and asking for money. Interestingly the password shown was the one provided to me back in October 2022 when I asked for my secondary emails to be reset.
The hackers have now attempted to create accounts using this old email address on Uber, LinkedIn, Instagram, Apple, Tinder, etc and are using this email to SPAM other users.

My primary Blueyonder email account and three secondary accounts had password resets at the same time and I suspect that all four accounts have been hacked using this data and I request that all four accounts are delated please.
I hope you have a record of when the account password reset requests were made as I would like to include this with the information information I am sending to GCHQ and the FBI.

0 Kudos
12 REPLIES 12

Rudders60
On our wavelength

2 weeks ago

I'm guessing VM don't send out emails like this when closing email accounts down

Subject:             YOUR COMPUTER AND EMAIL HAS BEEN COMPROMISED. CHECK THIS MESSAGE NOW! Importance: High

0 Kudos

Rudders60
On our wavelength

2 weeks ago

Also posted in error under Broadband/Email

 

I don't regularly monitor my Blueyonder account as it is no longer used but kept for historical emails.
On Wednesday 10th April I received a threatening email saying my email/password has been compromised and stating my password and asking for money. Interestingly the password shown was the one provided to me back in October 2022 when I asked for my secondary emails to be reset.
The hackers have now attempted to create accounts using this old email address on Uber, LinkedIn, Instagram, Apple, Tinder, etc and are using this email to SPAM other users.

My primary Blueyonder email account and three secondary accounts had password resets at the same time and I suspect that all four accounts have been hacked using this data and I request that all four accounts are delated please.
I hope you have a record of when the account password reset requests were made as I would like to include this with the information information I am sending to GCHQ and the FBI.

0 Kudos

用心棒
Very Insightful Person
Very Insightful Person

2 weeks ago

This form of threatening communication is a common tactic used by miscreants to extort victims. To improve the likelihood of success the miscreant will deploy a  psychological ruse by including information that they have obtained elsewhere to imply truth and/or risk from other things mentioned in the communication. For example, the miscreant may quote an old or current password that the victims uses or used to use.

Consider following the advice here, My Virgin media email has been hacked | Virgin Media Help and Report a phishing attempt | Action Fraud

FYI: the remit of the organisations mentioned (GCHQ - Wikipedia, Federal Bureau of Investigation - Wikipedia) makes it unlikely they would act on such an issue.

-- 
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Select Mark as Helpful Answer or 🖒 Kudos to say thanks

Rudders60
On our wavelength
In response to 用心棒

2 weeks ago

Apologies, I did not realise giving you a thumbs up meant I had accepted your solution - I was just thanking you for your reply. Until I'm back in control of my account my problem has not been resolved.

Thank you for your reply. I did full system scans on my devices with no malware found. I also run a SurfShark VPN on these devices. Naturally I never open links in email unless I'm 100% sure that they have been sent by a known contact. I'm unable to secure my email account or review auto forward settings because my password has been changed by the hacker.

I was rather hoping for the pictures of me with naked ladies but sadly those threats never materialised.

What did concern me were the fact my email password has been changed and emails from Uber, LinkedIn, Instagram, Apple, Tinder, etc confirmed that the the hacker was trying to access those accounts, albeit with the wrong email address. NB I don't have a Tinder account.

I'm familiar with reporting to report@phishing.gov.uk  (Action Fraud is part of The NCSC who are UK's technical authority for cyber threats. It is part of the Government Communications Headquarters (GCHQ) and has several roles in NIS.) IdentityTheft.gov , ReportFraud.ftc.gov  have links to the FBI.

I really want to know how the hackers convinced Virgin Media to reset my email password so that we can stop this happening again. 

 

0 Kudos

Rudders60
On our wavelength
In response to 用心棒

2 weeks ago

Sorry I do not accept this as a solution

0 Kudos

Graham_A
Very Insightful Person
Very Insightful Person
In response to Rudders60

2 weeks ago

@Rudders60 If you click on the edit arrow of the post you marked as a solution you can revoke the helpful answer flag.

You may choose to then give the post kudos as this is the correct way to say thank you on the forum.

________________________________
Graham

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media, I'm a VM customer. There are no guarantees that my advice will work. Please read the FAQs
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

Rudders60
On our wavelength

2 weeks ago

Thanks Graham

0 Kudos

用心棒
Very Insightful Person
Very Insightful Person
In response to Rudders60

2 weeks ago

@Rudders60 wrote:

I really want to know how the hackers convinced Virgin Media to reset my email password so that we can stop this happening again. 

 

In an attempt to improve the security of Virgin Media email accounts user are now prompted to change their Sign in Email Address to a third-party one, i.e. a non-Virgin Media email domain. A verification email link is sent to this third-party email address and only after its receipt is confirmed can the account password be changed and / or App Password generated. It will be interest to read if the miscreant have gone to those lengths to compromise your account.

Consider checking if:

0 Kudos

Zach_R
Forum Team
Forum Team

2 weeks ago

Hi @Rudders60,

Thank you for your posts and welcome back to our community forums. We're here to help.

I'm sorry to hear that you believe your email address/account may be compromised. I can see that some other community members have offered some advice in this thread in relation to this, but for your peace of mind we can certainly take a closer look to see what can be done to help.


Please respond to the private message that I'll be sending to you shortly and we can go from there.

Thanks,
 


Zach - Forum Team
New around here? To find out more about the Community Forums, take a look at our FAQs!


Top