on 11-06-2021 00:27
So I received an email today stating that We’ve been notified by a third party that malicious traffic has been detected coming from a device using your internet connection.
I have scanned all my devices for malware with none found.
My router has also decided to go offline for 10-15 minutes each night for the past week (maybe not related)
I have followed all the steps in the email, but if the router going down issue is related then I am worried as the router last went down tonight after completing all the scans.
Any help?
on 11-06-2021 01:26
What was the email address you received this from? The email its self seems malicious, but could even be detecting a nasty browser plugin that is unknown and malicious, using your connection/system for a BotNet or even processing power theft via remote crypto mining running from it!
Your Router going down for 15 minutes every night seems like either coincidence or someone else in the street has been compromised and triggering detection on your local street node, usually in a cabinet, often green!
[Mod deleted]
Kind regards,
Lee
on 11-06-2021 10:37
@Scottr2
Does the email mention what form of malware was detected? That may help point to certain types of devices.
Topics about this usually mention receiving a letter rather than an email (although VM's help pages do mention email as an option too). So firstly, do check the source of the email to satisfy yourself it is actually from VM.
VM frequently do maintenance tasks at night which might be an explanation for the router rebooting. You can check the service status (top RHS of this forum page to see if it happens to mention anything that is ongoing in your area).
If you have scanned all of your devices and found nothing, then you have done the very basics. Worth keeping in mind though that malware can exist on any internet capable device and may also be able to avoid detection.
There is a useful sticky post at the top of the forum
which describes a process for detecting and isolating the source. This can be quite time consuming if you have a lot of internet-capable devices but is worth reading for a better understanding of the problem.
The forum team might be able to provide more information when they pick this up but often they don't have too much more information than is in the email you received.
on 11-06-2021 11:19
The email address is internet-security@virginmedia.com.
I honestly don't have any issues with regards to the emails and do think it's legit.
The email does not mention the type of malware, what network attack, what third party, what ports etc. So it's a bit of a needle at the minute.
I think I'm at a loss without knowing more information. It does seem now that it has just been a coincidence with the router rebooting. Although my initial thought was if VM are detecting high traffic they could remote reboot, but then I remembered this has come about from an apperent 3rd party report not VM off their own backs.
on 12-06-2021 16:00
Hi there @Scottr2
Welcome to our Community and thanks so much for your first post - we are sorry if the email we have sent has given you cause for concern thinking it is a spam email. I can confirm that this is an official email. We usually sent the notice via both letter and email.
All the information we have available in regard to the possible infection will be listed on the communication we have sent to you. We also have a dedicated help page about these sort of emails which lists all the checks you can do in order to assist - Malware alert
As long as you have completed the checks, then there is nothing further to be concerned about. We are notified of possible malware infections via a 3rd party who check the IP addresses - hope that helps ease your worries
Cheers
Katie - Forum Team
on 13-06-2021 15:14
on 13-06-2021 15:58
No worries at all - always happy to help and confirm when needed
Have a good weekend; stay safe
Katie - Forum Team
on 14-06-2021 23:04
I have just received a letter 14/06/21 posted 07/06/21, title 'A device using your internet connection may be infected with malware'. It says VM have been notified that spam emails are coming from a device using your internet connection. We don't know which device this is, but it does mean that your personal data and online financial transactions, including ay credit card purchases, could be at risk.
Then it goes on to say that if I don't fix it I will have my connection terminated.
I have scanned and found nothing
on 15-06-2021 08:32
Good morning @doomwatch,
Thank you for coming back to us, If you check the link sent previously all the information and tips we have are listed on there.
Kind regards,
Zak_M
on 15-06-2021 13:25
I have checked all the links and found nothing 6 emails
1 welcome
2 congratulations
3 welcome new badge
4 welcome another new badge
5 preferences
6 I don't understand, you want me to cancel my email? If this is a bot then I'm not going to get any sense? I have not stated or confirmed any references