User comments on ISPs
  >> PlusNet plc


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | 2 | [3] | 4 | 5 | (show all)   Print Thread
Standard User steve195527
(learned) Sun 16-Dec-18 17:50:10
Print Post

Re: Suspected personal information leak


[re: jchamier] [link to this post]
 
In reply to a post by jchamier:
In reply to a post by steve195527:
how easy is it to get a 3rd party to do this ?

Easy with Office 365/Exchange Online. You configure the domain's MX records to point to Microsoft, and then on Microsoft's control panel you buy mailboxes per human being.

Then you assign addresses to the mailboxes, e.g. [email protected] and [email protected] and [email protected] goes to mailbox1. Anything not listed is rejected at the SMTP level, so no email flows.

If you accept everything *@domain.dom then you have to filter once you receive. This is wasteful as spam emails are getting larger and larger (in some cases tens of megabytes).

Many anti-spam researchers say there is no point in this, it just adds complexity for you. I can't find the research right now.

That isn't what I meant,what I was meanining was if you say signed up with plusnet for example and they issued with or you chose an email address or a few email addresses and some of those got compromised how easy would be for you or I to get a company like Plusnet like plusnet to completely disable those email addresses,what obligation do they have to do so?In fact would that make any difference to the ability of the hacker sending emails pretending to be you or I?
I don't worry about spam I just rely on mailwasher to get rid of the [censored] I don't want before it gets to my pc

Edited by steve195527 (Sun 16-Dec-18 17:53:45)

Standard User jchamier
(eat-sleep-adslguide) Sun 16-Dec-18 17:59:00
Print Post

Re: Suspected personal information leak


[re: steve195527] [link to this post]
 
In reply to a post by steve195527:
That isn't what I meant,what I was meanining was if you say signed up with plusnet for example and they issued with or you chose an email address or a few email addresses and some of those got compromised how easy would be for you or I to get a company like Plusnet like plusnet to completely disable those email addresses,what obligation do they have to do so?


I don't know with PN as I don't use or pay for their email service. I would personally just stop using such an address, and use something else - and tell PN so they can block the junk on their mail server, stopping it affecting other users.

plusnet 80/20 (2/jun/14) at 470m - sync 19/Sep/18: 61,689 / 8,831 - G.INP & 3.0 dB SNRm
19 years of broadband, from 1999's ntl:cable modem trial - Live BQM
Standard User RobertoS
(elder) Sun 16-Dec-18 18:20:40
Print Post

Re: Suspected personal information leak


[re: steve195527] [link to this post]
 
Nobody should ever use an ISP-provided email address. It's always a PITA and an impediment to migrating. It is also the most likely email service to fail.

You need Gmail, Outlook (ex Hotmail) or best of all for flexibility paid-for email. Dirt cheap at under £2 per month and yours for life so long as you keep paying.

You never need to change it when you change ISP, and with all reputable companies have at least one domain and a huge number of email addresses based on that domain.

I have several domains for various reasons, some with Tsohost and some with Ionos (ex 1 & 1). Ionos may be the better of the two if you want websites as well as email. I also have two or three very private Gmail addresses used for seamlessness to sync my calendar and other things.

My broadband basic info/help site - www.robertos.me.uk. Domains, site and mail hosting - Tsohost.
Connection - Three 4G, tbb tests 35-45Mpbs down, 9-15 up.
==================================================
If you never think of anything off the wall, you'll never think of anything original.

Edited by RobertoS (Sun 16-Dec-18 18:21:23)


Register (or login) on our website and you will not see this ad.

Standard User steve195527
(learned) Sun 16-Dec-18 19:14:01
Print Post

Re: Suspected personal information leak


[re: RobertoS] [link to this post]
 
problem with gmail is it's a google company ,and if there is one company I think is the least trustworthy re keeping users data confidential/safe its anything google,even their OS still tracks folk physically and electronically even when they think they have turned off all the tracking in it
Standard User RobertoS
(elder) Sun 16-Dec-18 19:47:40
Print Post

Re: Suspected personal information leak


[re: steve195527] [link to this post]
 
I agree. I don't recommend it unless someone has a specific need outside their main email needs.

Your main email and any webspace you need should be via a cheap paid-for service as I explained. They are specialists and have huge backup and security systems.

ISPs used to provide email and a tiny bit of webspace free decades ago, but it always was just a marketing tool. Nowadays it is just a legacy product and a sideline.

Some ISPs allow you to keep an address you have with them if you migrate away, often charging a ridiculously high amount per month. Others don't let you.

Have you ever had the hassle of migrating your broadband and having to let all your contacts know, and change all shop accounts and suchlike inside a day or two? Inevitably missing some.

Do it once to your own domain and change over at leisure. Start sending from the new one, and listen on new and the ISP mail. Within a few days all your main email will be coming to your new one and you can safely migrate away from the ISP without losing any emails or sleep.

You never have to do it again.

My broadband basic info/help site - www.robertos.me.uk. Domains, site and mail hosting - Tsohost.
Connection - Three 4G, tbb tests 35-45Mpbs down, 9-15 up.
==================================================
If you never think of anything off the wall, you'll never think of anything original.

Edited by RobertoS (Sun 16-Dec-18 19:48:15)

Standard User scopio
(committed) Mon 17-Dec-18 00:08:00
Print Post

Re: Suspected personal information leak


[re: RobertoS] [link to this post]
 
I have in the past couple of days received first an email held by PlusNet pertaining to be from Amazon that a gift card for the value of $250.00 was ordered and sent to and they link an email address and links to Amazon to confirm and check the transaction. I of course deleted the email and the logged in to my Amazon account to check my orders and nothing about this transaction appears on my account.
Today I received two more emails again pertaining to be from Amazon stating that the Gift card has been sent to an email and another email stating that it has been cashed. I of course deleted the emails just as before.
Checking on https://haveibeenpwned.com/ it says the same as for kasg
“Onliner Spambot (spam list): In August 2017, a spambot by the name of Onliner Spambot was identified by security researcher Benkow moʞuƎq. The malicious software contained a server-based component located on an IP address in the Netherlands which exposed a large number of files containing personal information. In total, there were 711 million unique email addresses, many of which were also accompanied by corresponding passwords.”

PC Full Tower - Self Build OS Windows 10 64bit Laptop Dell Inspiron 1545 - OS Windows 8.1 Home Premium 32bit Stardock8
ISP was O2 All Rounder now PlusNet Unlimited Broadband SamKnows Whitebox connected on 14:02:2013
http://www.thinkbroadband.com/speedtest/button/13669...
http://speedtest.net/result/2668600210.png
Standard User jelv
(knowledge is power) Mon 17-Dec-18 10:23:17
Print Post

Re: Suspected personal information leak


[re: RobertoS] [link to this post]
 
I have a couple of active email addresses that have only ever been used for the Plusnet portal and community. Neither show up at https://haveibeenpwned.com/

jelv

AAISP November 2016
(Previous ISP Plusnet November 2001 to October 2016) Why I left Plusnet
Telephone rental: Pulse8
Standard User ambrougham
(newbie) Mon 17-Dec-18 11:16:16
Print Post

Re: Suspected personal information leak


[re: RobertoS] [link to this post]
 
Still ( rather stupidly :rolleyes: ) a customer but I'm not seeing any evidence of a shiny new leak of PN held personal data. Just the continued abuse of data hacked from insecure and out of date webmail systems in May 2007 and the subsequent leaks including those that PN claim never happened of course. Nothing apparently recent though ... famous last words and all that !

No shortage of the usual abuse to leaked and random addresses in general. Numerous e-mails of the bitcoin/malware/video form described here sent to addresses that only PN were party to several years ago. Also a surge in Polish and Russian language spam sent to addresses hacked from PUG via a PN data leak occurring long after the 2007 hack when all personal data had been changed. Not seen any acid-related messages so far though.

Interestingly, https://haveibeenpwned.com/ reports "Good news — no pwnage found" for some addresses that were definitely leaked donkey's years ago and are receiving abuse.

Edited by ambrougham (Mon 17-Dec-18 11:28:36)

Standard User RobertoS
(elder) Mon 17-Dec-18 12:01:28
Print Post

Re: Suspected personal information leak


[re: ambrougham] [link to this post]
 
Thanks jelv and ambrougham. Two encouraging posts, from different aspects.

My broadband basic info/help site - www.robertos.me.uk. Domains, site and mail hosting - Tsohost.
Connection - Three 4G, tbb tests 35-45Mpbs down, 9-15 up.
==================================================
If you never think of anything off the wall, you'll never think of anything original.
Standard User caffn8me
(eat-sleep-adslguide) Mon 17-Dec-18 12:15:38
Print Post

Re: Suspected personal information leak


[re: RobertoS] [link to this post]
 
It seems that there has been a Plusnet data breach affecting some customers and it related to their billing systems;

Plusnet customers peeped others' deets during system upgrade

Sarah

--
If I can't drink my bowl of coffee three times daily, then in my torment, I will shrivel up like a piece of roast goat

Spiders on coffee - Badass spiders on drugs
Pages in this thread: 1 | 2 | [3] | 4 | 5 | (show all)   Print Thread

Jump to