on 05-11-2021 13:32
My ID was stolen a couple of years ago by a telephone scammer who my wife let on our PC. We have been blocklisted by the Spamhaus Project and I belive the scammers are using our IP address for criminal activity. Does anyone have advice on what to do, please? Virgin Media suggested I try this forum for help.
on 05-11-2021 13:45
The first thing you will need to do is to have the PC wiped clean to remove the illegal program/s that the scammer will have put on it. This might not be possible with ordinary anti-virus software, so to you really need to get it completely cleaned by re-installing Windows and getting the installation to reformat the hard disk.
05-11-2021 15:44 - edited 05-11-2021 15:46
Without posting your public IP Address, what does Spamhaus's IP and Domain Reputation Checker report?
on 05-11-2021 17:06
Hi thanks for responding, Vey Insightful Person. Spamhaus project state - "We have reviewed this removal request and determined that this is an ongoing issue. The requested record is not eligible for removal at this time." We are a very ordinary family who do nothing wrong on or with the web. I may be coming to a conclusion wrongly, but it's all I can think of.
on 05-11-2021 17:12
Hi jpeg1. Good advice. As soon as I came home from work following the scammers jumping on our PC, and my wife told me what happened (luckily she realised something was wrong when they asked she open our bank web page and hung up), I unplugged the PC and have never plugged it back in.
However, this laptop is on the same IP address. Could we be being 'piggy-backed' by undesireables?
on 05-11-2021 18:07
Nothing to say that the incident with the scammer couldn't have led to malware on your other devices. But if the scammer incident happened a couple of years ago, and the computer has not been used since, you could also have been infected on the laptop (or other devices) in the meantime and by other means.
What anti-virus/malware are you running on the laptop and have you scanned the laptop recently and in full? You could also download the free version of Malwarebytes to the laptop and run it to see if it picks anything up (link near the bottom of this page)
https://www.malwarebytes.com/premium
If your IP listing is spambot-related, and is still ongoing, you should also consider any other internet-capable devices which use the broadband connection.
05-11-2021 19:51 - edited 05-11-2021 19:52
If you get your own router and put the Virgin Hub in modem mode, this will usually give you different public IP address. You can get decent routers for around £50. Back up important files to usb/cloud and wipe your pc and it should be fine there should be nothing which will broadcast your new IP to the scammers.
If you are still worried you can spend a little more for a more advanced router with better firewall logging/packet capture if you are interested in analysing logs and traffic.
on 05-11-2021 22:21
@Nadia67 wrote:Hi thanks for responding, Vey Insightful Person. Spamhaus project state - "We have reviewed this removal request and determined that this is an ongoing issue. The requested record is not eligible for removal at this time." We are a very ordinary family who do nothing wrong on or with the web. I may be coming to a conclusion wrongly, but it's all I can think of.
From which Spamhaus list did you request de-listing; SBL, XBL, etc?
on 07-11-2021 17:57
Hi 用心棒 Thank you for your advices. I had no idea there are separate lists; I simply asked to be removed. Am I right in thinking that if I asked to be removed in a more targetted manner my request might be more successful?
on 07-11-2021 21:50
Unfortunately no but knowing which list maybe of help to those offering advice here. For instance, when checking my public IP Address Spamhaus reports a listing on their Policy Block List (highlighted below) which is expected and not of concern.
When you checked your public IP Address which lists did it appear on?