Community FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Blueyonder email account compromised

ConcernedSon
Just joined

Friday

Today it seems scammers from Nigeria accessed my fathers blueyonder email account.
I deduce this from the mail hedder containing:

X-Originating-IP: 102.88.111.43

I am wondering if there has been any large scale hack of blueyonder data? or anyone knows of a substantial number of similar issues lately?

I am a long way away so trying to give my dad support remotely, and have just completed a full system scan of his computer but cannot detect any virus/mallware/spyware active.

I also cannot contact blueyonder on his behalf via email, which is annoying...

Any information / support would be appriciated

 

0 Kudos
3 REPLIES 3

jpeg1
Alessandro Volta

Friday

No general hacks reported at the moment, but emails used for many years are subject to hacking if the user has used the same password on different accounts. Could your father have done this?

Can you change his password?

https://www.virginmedia.com/help/broadband/manage-email-account

- jpeg1
My name is NOT Alessandro. That's just a tag Virginmedia sticks on some contributors. Please ignore it.
0 Kudos

coenoby
Very Insightful Person
Very Insightful Person

yesterday - last edited yesterday

@ConcernedSon wrote:

Today it seems scammers from Nigeria accessed my father's blueyonder email account.
I deduce this from the mail hedder containing:

X-Originating-IP: 102.88.111.43

if that header is from an email message sent to your Dad, apparently from his email account, then you can check whether his email  account has actually been hacked by looking for this section of the header:

X-Authenticated-Sender: xxxxxxxxxt@blueyonder.co.uk

1)  If that section reports your father's email address as being the authenticated-sender then his account has definitely been hacked. That header is saying that the email really was sent from his Blueyonder email account using his email address and password.

2) On the other hand, if that X-authenticated  section is missing or has a different address in it,, then the From address in the email has just been spoofed (faked) by a scammer to make it look as if the email was sent from his email account. 

In that case the scammer has not accessed your father's email account even though they may have quoted a password in the email itself. They gather the passwords from third party sites that have suffered a data breach.

Coenoby

 

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media.

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos

Steven_L
Forum Team
Forum Team

3 hours ago

Hello ConcernedSon,

Welcome to the Community and thanks for taking the time to post here on the forums. I’m sorry to hear of the issues that your father is having with his email account. Have you been able to get the issues resolved with the assistance of the community members?

Kind Regards,

Steven_L

0 Kudos
Top