User comments on ISPs
  >> TalkTalk Broadband


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | [2] | >> (show all)   Print Thread
Standard User TugW
(newbie) Sat 20-Oct-18 12:58:41
Print Post

Re: Old Nildram Email Address


[re: Ripley] [link to this post]
 
First post

Thought Id share this.

Ive just had some chancer send me a threat that they have put a trojan on my system. They stated that they had Hacked my gotadsl.co.uk email and accessed my machine that way...

The weird thing is, they posted my old password for the account in the threat email. Bit daunted !

I checked my account settings and the stated password was changed ages ago.

Worried me a little until I checked the account settings though.
Standard User RussellR
(newbie) Sat 20-Oct-18 17:32:19
Print Post

Re: Old Nildram Email Address


[re: TugW] [link to this post]
 
You too!

Don't want to spread alarm but I had this too. TalkTalk Business reset my password - and I then changed it to another of my choosing.

I rarely use this email - mostly it gets mail from friends who forget my new one so I could delete it completely and not really miss it.

I scan all my email using MailWasher so spotted the original message when it arrived and did not open it in my mail reader.

When I spoke to TTB they gave me their webmail link which also had an option to change my password. The message was still in my Inbox, and I intended to delete it unread. However, in doing this I forgot that I hadn't yet customised the layout and switched off the automatic preview.

The message opened and I deleted it, but any damage may well have already been done. The TTB member of staff said that they believed that it was just a scare email demand for money rather than a live threat, but we must all make up our own minds on that.

All seemed well, but Thursday I suddenly had a loud screech from my PC speaker and a large popup stating amongst other things that my firewall was irrelevant and system files would start to be deleted in 45 seconds.

I didn't stop to read the full text but powered down immediately. Currently I'm running my PC using a live Linux distro from Linux Format magazine and haven't yet had an issue - but it is early days.

However I have received around 20 spam emails to my Nildram account - mostly 'sales' related, but at least one to the effect that I could change my password but they could still monitor my PC. This still quoted the original (out of date) password.

I have been taking regular backups to an external drive but of course don't know for certain that they are not compromised.

I do have up to date antivirus/firewall/Malwarebytes and ransomware protection. None have reported issues, other than Malwarebytes periodically having its realtime web protection layer turned off and cannot be reset without a reboot or restart of MWB. MWB suggest it may be a conflict with my firewall and suggest that I try a period using the built in Windows 10 firewall to see if this issue continues.
I have not tried this yet, though their own forums suggest that this is a long running problem so it may be just coincidence.

I plan to run a full system scan of my PC without Windows 10 running to see what may be found. I will also try the built in W10 recovery tools and if my backups scan successfully a system restore.

As a last resort I can wipe my system drive and reload W10 from a DVD followed by my software.

I've also turned off my router and rebooted to get a new external address plus changed passwords.

All this may be coincidental - but I'd rather do something than nothing. The second email may be based on expected behaviour rather than any actual evidence.
Standard User iefbr14
(newbie) Sat 20-Oct-18 17:50:11
Print Post

Re: Old Nildram Email Address


[re: RussellR] [link to this post]
 
On the TT forums several users, all with old Pipex addresses are also getting "blackmailing" emails that sometimes quote old passwords.

Pipex was hacked several years ago, so this could be from around the same time with harvested data resurfacing or recirculating. The reports in this thread sound very similar.

Strange that these reports and the Pipex reports have all started at about the same time.

Although there are no reports on the TT forums of other illicit activity on the "hacked " accounts, password changes are recommended.


But also check that you don't still use the old password on any other accounts just in case.

Edited by iefbr14 (Sat 20-Oct-18 18:03:58)


Register (or login) on our website and you will not see this ad.

Standard User rego
(fountain of knowledge) Sun 21-Oct-18 07:46:42
Print Post

Re: Old Nildram Email Address *DELETED*


[re: Ripley] [link to this post]
 
Post deleted by rego
Standard User rego
(fountain of knowledge) Sun 21-Oct-18 07:59:31
Print Post

Re: Old Nildram Email Address


[re: TugW] [link to this post]
 
I have just received the same spam mail only mine was sent to an old Hotmail account. Exactly the same giving an ancient password etc. have any of you shopped at Tesco on line using the email account ?

I suppose the one good thing is the fact the Hotmail filter identified the email as junk and sent it to the spam folder

Edited by rego (Sun 21-Oct-18 08:22:41)

Standard User trolleybus
(experienced) Sun 21-Oct-18 12:29:37
Print Post

Re: Old Nildram Email Address


[re: rego] [link to this post]
 
In reply to a post by rego:
I have just received the same spam mail only mine was sent to an old Hotmail account. Exactly the same giving an ancient password etc. have any of you shopped at Tesco on line using the email account ?

I suppose the one good thing is the fact the Hotmail filter identified the email as junk and sent it to the spam folder


I guess a new thread should be created about this scam. Hearsay suggests that some people are paying up. The email seems to be well and truely doing the rounds.
Standard User MCM
(knowledge is power) Sun 21-Oct-18 12:47:10
Print Post

Re: Old Nildram Email Address


[re: trolleybus] [link to this post]
 
Similar email sent to a last century Screaming account that whilst still monitored hasn't been used since the early 2000s. Screaming were taken over by WorldOnLine in 2000, then Tiscali and now TalkTalk.
Pages in this thread: 1 | [2] | >> (show all)   Print Thread

Jump to