Having been passed around various Virgin phone helplines, I'm waiting for a call back from the 'security' team, but I wondered if I might also get some good advice here.
On Tuesday, I received an email from Microsoft saying my account details with them had been changed and asking me to confirm I had made those changes - I had not, so contacted them, and restored the correct contact details for that account (my old, and primary, ntlworld.com address). Their geolocation systems suggested the fraudulent login was from central China! Having sorted that out, I was obviously concerned that other of my online accounts might have been similarly attacked, and sure enough my Amazon.co.uk account had been accessed, the email address associated with it changed to one at inbox.ru and the password also changed so I cannot access the account. However, the problem is that when such changes are made to an Amazon account, they automatically email the original registered email address to confirm the changes are genuine. No such email appears to have arrived in my Virgin mail, I have checked it on my pc and online, and searched through the spam filters online - there is simply no email there.
(And yes, all my online accounts have different passwords, so there is a chance that someone's managed to get a keylogger on my PC, but so far Bitdefender, Windows Security, ESET, Trend and Malwarebytes have all scanned the system and found nothing...)
A while ago I had a similar experience, I received an email from and American company thanking me for creating an account with them - but I'd never even heard of them, and investigating with them turned up the fact that the emails supposedly from me had originated in China, but very disturbingly the company who they were creating the account with sent back a 'please confirm' email addressed to my email address - which the Chinese person received and duly confirmed - and again, none of those email exchanges purporting to be to and from me were present in my Virgin media mailboxes.
It appears that not only are people spoofing my email address to send mail (I am well aware how common that is) but are in some way getting return messages, apparently addressed to my ntlworld.com email address, which simply do not touch the Virgin email system.
I'm stuck what best to do - the suggestions from the telephone helplines have been frankly silly, they are very keen to tell me to change my password or charge me to dial in to my PC to do it but not only has that password been changed twice, if some of these messages are not actually going through the Virgin systems changing the Virgin password is utterly pointless.
Please can someone give me some actually useful advice on what the hell can be done to sort this mess out, 'my' email address is being used to sign up to things and change account information by some nasty little thief and I'm stumped what I can do - I'm quite prepared to go through every site my email is registered with and change it if I can easily change or kill off the ntlworld.com and replace it with something less widely known in the criminal community.
⋮ …- and again, none of those email exchanges purporting to be to and from me were present in my Virgin media mailboxes. ⋮
Simplest and likely explanation is that the miscreant was able to purge the emails from your mailbox; Virgin Media should be able to confirm this by reviewing their system logs for geolocation information related to your mailbox.
Whilst you wait for the forum team team to respond consider finding an alternative email provider, independent of any ISP, with similar or better security to those services it secures.
No autoforwards, or rules of any type - default sender addres is correct, no filters, no holiday message rules... permanently remove deleted email messages is not checked.
It's really a very basic, almost certainly 'default' set of settings for my webmail.
There seems no sign that anyone has purged mails from the system, and if they are it's certainly not being done consistently since many of the unsolicited incoming messages are there - none of the 'sent' messages using my email address are in there though, which is why I suspect those are simply being spoofed rather than someone accessing the mailbox, but as you mention the Virgin folks might be able to tell more by checking where in the world the mailbox has been accessed from.
I'm very inclined to move to another mail provider (to be honest, if I can get the BT line to this house reinstated for a sensible fee, I am seriously looking at changing isp completely, since Virgin service generally has got markedly worse in the last couple of years) but do not know which, if any, are particularly good. Slogging through reviews online at the moment, but it's not simple to spot any that are consistently reviewed as good.
I always set up 2 step verification on any accounts that have the option, i.e. Amazon. That way if anyone try's to access your accounts it will send a confirmation text code to your mobile phone, or ask for a code from an authenticator app on your phone.