User comments on ISPs
  >> PlusNet plc


Register (or login) on our website and you will not see this ad.


These posts have been archived and can no longer be replied to or modified.
Pages in this thread: 1 | 2 | 3 | 4 | 5 | 6 | 7 | [8] | 9 | 10 | 11 | 12 | 13 | 14 | 15 | (show all)   Print Thread
Standard User deleted
(deleted) Wed 16-May-07 11:45:08
Print Post

Re: Things you can do to mitigate the email proble


[re: wingco1] [link to this post]
 
>wouldn't think many are unaware of the situation.

I disagee, how many customers read forums, the reg etc. Maybe some have got it from word of mouth.
But if you aren't getting the junk mail, you aren't going to know to look anywhere for info.
Many people just use an ISP to send e-mail and a bit of surfing and will never know.
Standard User wingco1
(knowledge is power) Wed 16-May-07 11:48:49
Print Post

Re: Things you can do to mitigate the email proble


[re: deleted] [link to this post]
 
In which case the email to the whole customer base is the way to go. Liam has already confirmed this will be done. The only remaining question is when. I'm sure some customers are wondering where all this spam is coming from.

+++++++++++++++++++++++++++++++++++++++

"Nearly all men can stand adversity, but if you want to test a man's character, give him power."
Abraham Lincoln
16th president of US (1809 - 1865)
Standard User deleted
(deleted) Wed 16-May-07 11:50:06
Print Post

Re: Things you can do to mitigate the email proble


[re: deleted] [link to this post]
 
Then you should be getting a mail.

PN should know that your mail box was compromised, but won't know if you have a trojan on your system.


Register (or login) on our website and you will not see this ad.

Standard User rsharma
(knowledge is power) Wed 16-May-07 11:50:15
Print Post

Re: Things you can do to mitigate the email proble


[re: deleted] [link to this post]
 
There are two very distinct issues that occurred starting around 5 May.

The first was a compromised webmail server that had its code changed (one out of eight PN claim). This would try to download and install a trojan to the customer's PC when he/she logged in using only that particular server for normal webmail. If your machines had all the updates for windows and/or an anti-virus you are probably safe. It would be a good idea to run a new antivirus scan and update of Windows to be sure. If the trojan was successful in installing itself it could have compromised your username and password being used not only for accessing your email but any other logins that you might have performed elsewhere on the internet. Even if the trojan wasn't installed, there is a possibility that the hackers were snooping and thereby got access to your username and password but only if you use the webmail feature. Changing the password is therefore a good idea. If you don't use webmail to access your email (or you didn't do this between 5-11 May) the problem shouldn't affect you at all. An email is being sent to those PN have identified using the service. It goes without saying that those that didn't will not be getting this email.

Secondly, and in addition to that, when the hackers managed to compromise PN's servers to change the code to download the trojan, they also managed to steal email addresses from their database. This includes those that have used the webmail feature, the people in your address book and people you have sent an email to using webmail. Those emails addresses have been compromised and there is nothing you can do to salvage the issue. A separate email will be sent to everyone about this.

-------------------------------------------------------
Plusnet: The Truth (Blog)
Formal Complaints Process
Testing Connection Speeds
Plusnet LLU and Your Rights

Edited by rsharma (Wed 16-May-07 12:31:17)

Standard User deleted
(deleted) Wed 16-May-07 11:53:38
Print Post

Re: Things you can do to mitigate the email proble


[re: wingco1] [link to this post]
 
I agree and I do think PN has made the correct decision.
Other companies have tried to hide the fact with issues like this.
Standard User jelv
(fountain of knowledge) Wed 16-May-07 12:05:03
Print Post

Re: Things you can do to mitigate the email proble


[re: rsharma] [link to this post]
 
A good clear post. The only thing that is missing is that PN have or are in the process of emailing everyone that could be affected by the first problem. They have not started emailing people affected by only the second.

jelv

Plusnet ADSL PAYG Jan 2004 -
Plusnet Dialup Nov 2001 to Jan 2004
Previously Compuserve, BT & LineOne Dialup
Standard User jelv
(fountain of knowledge) Wed 16-May-07 12:08:12
Print Post

Re: Things you can do to mitigate the email proble


[re: deleted] [link to this post]
 
If you didn't visit the webmail website on the dates when it was compromised you are not at risk of having the trojan. That is what the email is about.

PN have not (yet) emailed people whose email addresses have been harvested - so it sounds like you shouldn't be expecting an email yet.

jelv

Plusnet ADSL PAYG Jan 2004 -
Plusnet Dialup Nov 2001 to Jan 2004
Previously Compuserve, BT & LineOne Dialup
Standard User jelv
(fountain of knowledge) Wed 16-May-07 12:10:40
Print Post

Re: Things you can do to mitigate the email proble


[re: deleted] [link to this post]
 
I believe that he means by compromised that his email address has been harvested - not that he used webmail while the webmail server was compromised.

If that is the case he will not be getting an email yet.

jelv

Plusnet ADSL PAYG Jan 2004 -
Plusnet Dialup Nov 2001 to Jan 2004
Previously Compuserve, BT & LineOne Dialup
Standard User rsharma
(knowledge is power) Wed 16-May-07 12:34:35
Print Post

Re: Things you can do to mitigate the email proble


[re: jelv] [link to this post]
 
Thanks. I have updated my post now to include your suggestion.

-------------------------------------------------------
Plusnet: The Truth (Blog)
Formal Complaints Process
Testing Connection Speeds
Plusnet LLU and Your Rights
Standard User deleted
(deleted) Wed 16-May-07 12:39:01
Print Post

Re: Things you can do to mitigate the email proble


[re: jelv] [link to this post]
 
It's getting hard to keep up !


As I understand it now, anyone who as logged into the webmail on the server that is affected will be getting an email ASAP (about poss having a trojan).

Those who have had their email address taken (but not logged in), so may be getting junk mail will be getting a email later.

Is that correct?
Pages in this thread: 1 | 2 | 3 | 4 | 5 | 6 | 7 | [8] | 9 | 10 | 11 | 12 | 13 | 14 | 15 | (show all)   Print Thread

Jump to