[IMPORTANT] Virgin Media Alert: Your device may have a malware infection
I've received an email from VM that is puzzling me as it has with others I have read about on this forum.
Your Virgin Media account number: 22 - 81X81X80X
Our reference: VMIS5-MALWARE-F007397903
A device using your internet connection may be infected with malware
Dear Mr OldManBrook,
We’ve been alerted that one or more of the devices you use to go on the internet is infected with malicious software (malware). We don’t know which device, but it does mean your personal data and online financial transactions, including any credit card purchases, could be at risk.
This probably isn’t your fault, but we do need you to make some changes now to ensure your data remains safe and secure.We’ll help you do that.
How we found the problem
To protect our customers, we work with a number of not-for-profit organisations that gather information about internet connections that appear to be at risk of things like malware infections. On 04 September 2019, one detected that conficker , a piece of malware, was present on a device using your internet connection.
What to do next
We recommend using anti-virus software to scan and clean up your devices. There are a number of trusted anti-virus software options available if you don’t have one already.
As well as using anti-virus software, Web Safe is available for free to Virgin Fibre customers to help protect you against malware and viruses. Full details can be found by signing in to Your Account at virginmedia.com/myvirginmedia and going to My Apps.
More help and support
For extra advice, or to double-check that this is a genuine Virgin Media communication, head to our community at virginmedia.com/community, click 'Help forum' and join the conversation on the Security Matters board.
Kind regards, The Virgin Media team
In total, I run 3 fully patched Win7, 2x Win10 and 2 x Linux MINT PC devices, 3 x Rpis as media players and 6-7 phones in the house. All PC's use Zonealarm as AV/Firewall.
My wifi network is secured by MAC so only known devices can access.
The superhub2 is in modem mode connected to 2 x ASUS routers providing full house coverage.
I have run full scans on all Windows devices and performed a full nmap scan of my network for any conficker vulnerabilities (command below).
My question is how have VM determined it is one of my devices that is infected. I have also noticed it appears I am being traffic managed with the connection dropping all the time over the past week (since the 04 Sept when VM detected a compromised device)?
When the hub is in modem mode, I assume this IP is shared with other users and can this lead to false positives in this regard.