on 25-05-2024 13:40
I've had an email this morning (which I haven't opened) from the above with the subject: info@consumer.net - total change to your bill. For one thing, I don't know why this email has come to my email address as they all go to my husband's address, for another I can't understand why talktalk are involved with our bill and thirdly, I don't know who the heck derek hambler is???? Has anyone had anything similar to this and can the moderators throw any light on it please. I have sent it to reportphishing@gov.uk and talktalk but the copy I sent to Virgin at phishing@virginmedia.com was returned by the system administrator as an invalid address!!! All very strange!
[MOD EDIT: Title (potential spoofed email)]
Answered! Go to Answer
25-05-2024 13:57 - edited 25-05-2024 13:58
The Derek email is spam. I have sent a test message to the VM "phishing" address and it went through okay for me. The acknowledgement does say:
If you are trying to forward an email via Virgin Media Webmail and it is rejected due to containing Spam content, this is because there is outbound spam filtering on your webmail account. Should this happen, this means we are already aware of the spam email in question and have updated our spam filters to ensure it is no longer able to be sent to our platform.
25-05-2024 13:57 - edited 25-05-2024 13:58
The Derek email is spam. I have sent a test message to the VM "phishing" address and it went through okay for me. The acknowledgement does say:
If you are trying to forward an email via Virgin Media Webmail and it is rejected due to containing Spam content, this is because there is outbound spam filtering on your webmail account. Should this happen, this means we are already aware of the spam email in question and have updated our spam filters to ensure it is no longer able to be sent to our platform.
on 25-05-2024 14:23
Oh great, many thanks for that so I can now go ahead and delete it. Also, thanks for the explanation about the returned email, much appreciated. 👍😊
26-05-2024 14:22 - edited 26-05-2024 14:29
This email and others like it from that email address and name are definitely dangerous. If opened and instructions followed your 'puter will be infected. Shame i was running on autopilot and did just that. I have a full system image taken a day or so prior so I am getting ready to send my machine back in time after spending two days trying to sort it out. It is the only way to be sure that it has been removed completely. Hope it works, much to think about. First time in 28 years on the net. Will not happen again!
26-05-2024 16:23 - edited 26-05-2024 16:46
At least you have a recent image to go back to. My usual rule of thumb with virus recovery tasks is to spend an hour on trying to remove the malware and no more. After that, it becomes a data recovery and reinstallation task or re-imaging.
I have found in the past that, even if you do remove the malware, it has often corrupted other aspects of the operating system and the computer often still throws up errors during normal use. And, as you say, you are never 100% certain you have cleared the malware entirely.
30-05-2024 14:58 - edited 30-05-2024 15:06
I loaded up the emergency recovery boot flash stick and it said my full system backup is corrupt. I thought I validated it at the time. Aargh! Acronis say you can still try to recover stuff from a corrupt archive. Also turns out that being told the archive file is corrupt does not necessarily mean the actual archive file is corrupt. Go figure. Being full system I can recover partitions or selected folders/files. I spent 14 hours on Sunday doing multiple file and folder recovery operations to recover all my user data to an external drive. All operations completed successfully. From examining the drive elsewhere it looks like the recovered stuff is ok. Random sampling of course! Now debating whether to clone the infected drive to a new one and try recovering the partitions to the clone. If that actually works, fine. If not, I haven't destroyed the infected drive and if necessary could use flash boot-based software to recover my files without getting infected windows involved. If the partition restore to clone fails I could do a clean reinstall of W10 22H2, try to reinstall my apps and user data, or do I just cut my losses, get a new laptop, and reinstall the apps I use and my user data? Current laptop is ten years old!
on 02-06-2024 08:53
Hi
I've just posted about this; sorry, I didn't see your post.
I'm getting them, too, and have done what you did, also reporting it to phishing@talktalk.net
on 12-10-2024 13:14
I got one of these this morning. On opening the PDF file it was obvious that it was scammy. I just hope just looking at the PDF was not a bad thing to do.
on 13-10-2024 13:35
Hi @Robertos42 👋.
Thanks for reaching out to us, apologies that you are unsure of the validity of the email that was sent to you by us, please could you provide more details of the content of this email, and did you also click the email address to see if under the presentation email the real email address.
Please let us know.
Sabrina
13-10-2024 14:37 - edited 13-10-2024 14:57
Hi Sabrina
The title of the email was
On opening it there was a PDF file which pointed to a link, which I didn't click on as the text in the pdf was so badly written and was obviously an attempt at phishing. To be on the safe side I restored my PC using the previous days disk images, and deleted my outlook directory and restored from the previous days backup. The only slight doubt I have is if the PDF file may have been compromised. The email address it came from was a talktalk one. I forwarded the email to phishing@virginmedia.com and to reportphishing@gov.uk which was returned by the system administrator as being invalid.