on 28-07-2022 16:37
on 29-07-2022 17:03
Hi there @pb30531
Thank you so much for your post to our community forums and welcome back to the team, it's great to have you here.
I am so sorry to hear that you are facing this issue with your account!
Can I ask what email address the warning came from?
You can change your password via your My Virgin Media profile and we would recommend changing this as soon as possible if you are still using the temporary one.
You can also use the forgotten password link when signing in to reset the password this way.
Thank you.
on 29-07-2022 19:27
Hi Ashleigh,
Thanks for the email. Following is a copy of the full header of the sender, I have removed as much of my detail as I can -:
[IMPORTANT] Virgin Media Alert: Your device may have a malware infection
Thu, 28 Jul 2022 16:00:22 +0100
account1
00004bcd25796124
0001
00000000
<internet-security@virginmedia.com>
pxxxx@blueyonder.co.uk
from md4.tb.ukmail.iss.local ([212.54.57.79]) by mc39.tb.ukmail.iss.local with LMTP id OGD1HIuk4mKHDQAAVp5eMA (envelope-from <internet-security@virginmedia.com>) for <pxxxxx@blueyonder.co.uk>; Thu, 28 Jul 2022 17:00:27 +0200
from smtpclienthelo ([212.54.57.79]) by md4.tb.ukmail.iss.local with LMTP id sEZ5HIuk4mJ4CwAANIUTRA (envelope-from <internet-security@virginmedia.com>) for <pxxxxx@blueyonder.co.uk>; Thu, 28 Jul 2022 17:00:27 +0200
from mx.emea.email-out.fireeyecloud.com ([52.215.218.140]) by mx12.tb.ukmail.iss.as9143.net with ESMTP id H4zyo3nPpOtvUH4zyoLYz0; Thu, 28 Jul 2022 17:00:26 +0200
internet-security@virginmedia.com
pxxxxx@blueyonder.co.uk
52.215.218.140
v=2.4 cv=Uu5wis8B c=1 sm=1 tr=0 ts=62e2a48b cx=a_exe:a_idp_d a=BjugOZXBdY1gNb9aOe+tNQ==:117 a=HA8xjwbbgu+22ypCUL6i2A==:17 a=NnpB_s8qolIZOc1H:21 a=KGjhK52YXX0A:10 a=IkcTkHD0fZMA:10 a=WxaJ9yQQIYwA:10 a=RgO8CyIxsXoA:10 a=NcN59idvAAAA:8 a=RGQxbMKRD3rOo6gnNxUA:9 a=8U30MHMbO671LbEJ:21 a=frz4AuCg-hUA:10 a=_W_S_7VecoQA:10 a=QEXdDO2ut3YA:10 cc=ntf
<internet-security@virginmedia.com>
from [127.0.0.1] ([127.0.0.1:43196] helo=smtp-injection-worker) by prd07-euw1-08 (envelope-from <internet-security@virginmedia.com>) (ecelerity 4.3.1.999 r(:)) with ESMTPS (cipher=AES128-GCM-SHA256) id C8/AC-26245-A84A2E26; Thu, 28 Jul 2022 15:00:26 +0000
193.38.82.67
193.38.82.67
from mailrelay04.ntl.com (mailrelay04.ntl.com [193.38.82.67]) by prd07-euw1-02 (envelope-from <internet-security@virginmedia.com>) FireEye ETP with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 210328567784A2E2690a83aca; batch_id 21/03-28567-784A2E26; Thu, 28 Jul 2022 15:00:23 +0000 (UTC)
v=1; a=rsa-sha256; c=simple/simple; d=virginmedia.com; i=@virginmedia.com; q=dns/txt; s=corporate; t=1659020423; x=1690556423; h=message-id:mime-version:from:to:date:subject: content-transfer-encoding; bh=FzlXXsFF67DtQ8bAr8G6TbZubJB0Q7x24vUCNXp/Vr4=; b=utBAY+2T+9lIAek+RhqsNQoGKt8E+5UQcoLYYz8iUevo3g0EjZCDb1xI W85jmFIySbmbqUdGttNBrz8+VFaYzYOaBx6PovRTJdXTr/J3pLH+ge01M taSsYJndqP+ZBjMZ9BaCk+BNFRKAIreMyoySFT4siZx6iAFXMzy+OmISv 6iCrVPk6gxSQK1gGDCJKhuGuKDOkCl3ohqSIW6MW4CMNhaDSVnBLxKPzy Y4AUgt+fQDdrkelNAJruC8+fiiG1k70zCEowcekRx1fXfBPKLaDdeESaI xYHAXadD4jNmoRweZIjY0W5KIAewgHs9G5Xc7TmXM9G2iZyTPNpe7qMLn w==;
4BeqKl5xqFnjO/NFlWPS1aBrhSEqdhkuuzR92qqRW+vaRqVM53/8Wi4lIbHVHRxAao15RvUSKL zkcOPFeLRKnQ==
N
false
from unknown (HELO KN1-CHX-P0004.systems.private) ([10.92.194.62]) by mailrelay04.virginmedia.co.uk with ESMTP/TLS/ECDHE-RSA-AES256-SHA384; 28 Jul 2022 16:00:22 +0100
from kn3-xcn-p0001.systems.private (172.19.46.61) by KN1-CHX-P0004.systems.private (10.92.194.62) with Microsoft SMTP Server id 14.3.487.0; Thu, 28 Jul 2022 16:00:22 +0100
1.0
text/html; charset="utf-8"
base64
eyAidGlkIjogIjIxMDMyODU2Nzc4NEEyRTI2OTBhODNhY2EiLCAiYWNjZXB0ZWRfdGltZXN0YW1w IjogIjIwMjIwNzI4MTUwMDIzIiwgImFjY2VwdGVkX3RpbWVzdGFtcF9lcG9jaCI6ICIxNjU5MDIw NDIzIiwgImRvbWFpbl9uYW1lIjogInZpcmdpbm1lZGlhLmNvbSIsICJhdHRfY291bnQiOiAtMiwg InNyY19pcCI6ICIxOTMuMzguODIuNjciIH0=
MS4xfLPAo/Tq2jBkjYm0naNHkNcKuqR/cpw7KgHnBy/jQhTDGsms9kxk0J/ga0z6Lg9/Y38s30KiMV2YzvlZUGvsgUcS9YWkqsXq2SmAmylpI6c3EHCOwqTk L+K0hTAZpLxZ1WiItcrJnrvWGhTJh3yomxO/sFxCSSLw+/xDBHzA+vg//O0SKRspAzXXSWdTbGY34zS1/aslpwfIm8po+ZGqaXKZ00yUZvE4QOsXp/QrjgGu 1oS6pV/EVnhDXZgOLANtsQ==
| ||||||||
© 2013 Virgin Media. All Rights Reserved. |
on 30-07-2022 09:45
Thank you for that information. How long have you had the VPN? When did you take out your Virgin Media services?
Has there been any devices connected to the broadband recently that haven't been connected before?
^Martin
on 30-07-2022 16:08
Hi Martin,
Thanks for the reply.
I have had my Express VPN for 2 years, I have been a customer of Virgin for about 15 or 20 years, Tele West before that and Bham cable before that and there are no new devices connected that havent been connected before other than perhaps a change in mobile phones.
The email suggests one of my email accounts has been locked but none have that I am using at the moment, one on Blueyonder and one on Virginmedia so I dont know what the account mentioned as being 'locked' refers to?.
Below is a copy of the email I received.
------------------------------------------------------------------------------------------------
on 31-07-2022 16:47
Thank you for confirming.
I would like to take a look from our side and see if there has been anything flagged on our system so I am going to pop you over a private message to confirm a few details. This will be available via the purple envelope on the top right of this page.
Speak soon,