The call centres are only dealing with lost and damaged devices so I cant contact them till tomorrow and am stressed out
Had an email from Virgin yesterday to say that I seemed to have forgotten my secret password and to go on line if I did. I logged in via my pc , reset the online password and checked all was ok.
I've just logged in now and seen that an hour later a high value handset with no upfront cost has been order and posted 200 mile away from my billing address.
An hour later yesterday they have done the same thing on the second sim contract that I have to the same address.
I only realised this had happened as had an extra this evening to say "my new device" is now setup.
I've had no texts relating to the original order and no emails to confirm any order was placed.
Yodel is showing as both having been delivered but no signature due to COVID . So I'm guessing they have now disappeared.
Am stressed as I cant report this to anyone and as to how they managed to place the order against my account in the first place. The order says it was placed by Customer Services (telephone). So not sure if thats in store or over the phone.
Anyway , as you can see from the long rant, I'm concerned so any guidance on the process would be great as I;ve been told to wait until 9am and phone back then. Probably wont get too much sleep though
how did you reset the password - if via a link in the original email then you need to reset via the account log in not via the link you used earlier - if the scammers still have access to your account then they may well repeat the process of ordering phones - also check that contact details - emails etc have not been changed on your account
have you checked your bank account to see if new DD's have been set up for the phones - cannot see VM sending them out if not
then in some way your account has been hacked - obvious i know - if they have changed the delivery address and other details then you have to question how - maybe its as simple as instructing the VM agent to send the phones to a different address but to do that they have to have access to your log in details - thats your reset password - so how have they got access to that if you are sure you logged into your account and not a scam copy of it
in no way questioning what you are saying but something does not add up to me - it all starts with you changing your password - afaik VM would never mail you to do that - if you had forgotten it they send it my snail mail so the original mail is the scam - but if you logged into your pc and then logged into your VM account by a correct link then the scam cannot work
if you logged into your pc and then logged into your account via a link in the received mail then things fall into place
you [of course] need VM to resolve this which hopefully they will but you need to be sure how you logged in to change your password - that is a key point - if as you say it was by direct link from the VM site then i suggest your PC security is compromised
something not right on VM's side there imo - change the delivery address without passwords sound lax at best and then to repeat it a second time - surely they would have to do credit checks - if not why not
that said i had an bank account taken over by security fraud a few years ago and that was with minimum known info - the security that is asked for is minimal sometimes - especially if someone is keen to sell as could be the case here
i would still advise talking to your bank to make sure VM dont take payments until this is resolved there systems dont always talk to each other so if the DD is set up it will be collected - you also need to know if the DD is not collected they will not black mark your credit rating and put any debt out for collection - again systems are not always in line so thats likely to happen
hopefully you will get it all resolved quickly and non of the above matters but i would not hold my breath
So after a week, I was supposed to get a call back at 10am from customer services to tell me how things were going. Needless to say no call yet.
Have been in DM with Paul as above but again no news from that route either
Of the two orders which were fraudulently placed, they got the first package but I stopped the second one going to the scammers by changing the delivery date back. However a week on I'm still having to do this and its still with yodel and no one from VM has recalled it. So if I hadnt of been doing this , another £1K phone would have gone to the scammers.
I've also found out that as part of this breach , the non VM mobile phone number that I use for contact was also given to the scammers as the other provider was contacted in the same way a day later except they send out a text verification so they never got in to anything. I can tell this came from this issue as it happened within a day of this one and was again done via chat. I have other mobiles but none other were targeted. Wonder what other data was given out....
Today I received my first bill for the two orders I didnt place.
Will give it a few days before I contact Customer Services to see if they contact me at all.