My virgin media account password has been reset by someone else several times since last Friday. Shortly after it happens, I lose access to my email and have to reset the password to regain access. I have also changed the recovery answer to a long random string which didn't help.
Is there some kind of exploit with the password reset system that allows an attacker to bypass the recovery question? The last two password reset emails even show a different name to the one from my account.
[MOD EDIT: Currently under investigation. Multiple threads merged]
My son who has one of our secondary accounts received the same format email at 2pm yesterday 14 November 2022.
It was exactly as other users are receiving and addressed to Hello ROGER and said that the password had been changed successfully. etc.
Son had been unaware of the email until this morning as he had been unable to login due to his usual password not being recognized and spent a fruitless evening trying to access his mails.
Today he has managed to change his password himself and all seems ok... so far?
What is going on?
Since last Friday I keep getting "Login to server imap.virginmedia.com with username xxxxxxxxxxxxx failed." when I try to access my emails on my PC through Mozilla Thunderbird and similar problems on my phone. I can access them OK through the Virgin Media website. The first time I got the message I changed my password and, on updating this on my PC, it worked OK. But now I'm getting the message again. I've also had several messages that I have changed my password, addressed to different people. Yet I only changed it once.
How do I fix this?
Have had this happening since Saturday (blueyonder email address). Seriously concerned that their system has been compromised (either directly or via some security flaw exploit) and they are just sticking their head in the sand, as always. Customer service person assured me my account was "secure" after I changed the password, but it is clear to anyone that the account is far from secure.
Will be getting rid of all Virgin Media products just as soon as I can. Thankfully I'd removed this email account from everywhere (important) I was using it. A lack of effective 2FA makes their offering unfit for purpose.
Does anyone know what action triggers the password updated emails? The password change email isn't the same and doesn't have a name on it and doesn't refer to the password being "updated" - so it isn't the same mechanism I've been using to change it to get back in.
It is not unusual to get emails with the TO having an address that is not your own, this is usually where an email has been sent to a group of addresses using Bcc. These emails may be clever fakes.
I often get them and regard them as dangerous spam or spoofed/forged emails.
Any email that is not address to yourself is suspect, or sometimes it is to recipients
It is best not to click on any links or images and downloads/attachments in these types of emails.
Also, if you think you have been hacked, check that no auto forward has been set up in your email account by the hacker.
It is possible other sessions of an email can remain logged in, I recently had a message on logout to close all browsers which was unusual after finding messages in my trash sent from myself which I had not sent.
Virgin have removed the facility to close all sessions which may be less secure.
Password changes can be tricky, I have been locked out a few times myself. there is time delay changing passwords that can be approx 10 minutes
I suggest you do some antivirus scans also.
I no longer use my virgin ISP email and use "more secure" free email providers that have 2 factor authentication such as Outlook.com, Gmail.com, Yahoo.com.
@ALF28 The particular issue under investigation in this thread is not a case of the TO address in an email being spoofed. It relates to password reset notifications bearing the name Roger or Philip rather than the actual contact name.
I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media, I'm a VM customer. There are no guarantees that my advice will work. Please read the FAQs
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks
So, are these password changed emails from virgin or is it a scam. I have not had one myself, does it only affect secondary emails?
Perhaps, following investigation by virgin these emails should be blocked or tagged as spam, unless it is an administration error?