Hacked Account. How Do I Increase Security

stankubrick · ‎30-08-2015

I have discovered that my email account has been mirrored and messages are being sent from a server in the Dominican Republic. I've changed the password but the emails are continuing, it appears they are using a random password generator which just unlocks the account when I change the password.

There is no sign of activity in my webmail outbox or through outlook on my laptop.

How do I stop this, is there a way of adding a second level of security I can add?

markp · ‎23-10-2015

Hi stankubrick,

To make your emaill password secure, you are best to used upper and lowercase letters, numbers and a special character so something like R4nD0m@1.

If they are still getting through your password you could contact our security team on 0808 100 4332 opt 5, you may need to deacitvate/delete the address for a time and create yourself a new one.

Regards

Markp

stankubrick · ‎28-01-2016

So I tried the security team on the number you gave but they are Mon-Fri 9-5 only. They provided an email address so I sent them an email, they didn't reply. I have no idea where to go next, considering changing ISP as I'm only with BT to keep my email address which is compromised now anyway.

Changed the password many times, tried accessing the account via webmail from work only in the hope the additional security offered by corporate firewall might help, thred accessing only from an iPad, the account is hacked again within a number of hours. I suspect there is some automatic password generator which just sits there until it gets lucky and there is no additional security layer with BT, just email address and password!

Plumly · ‎28-01-2016

its not about making your mailbox more secure or email,

by the sound of what is happening someone is Faking they are you and sending through a server which allows any mail to be sent, The issue their is BT have no control over that Server, Same as you do not you can contact the servers Owner to ask them to stop doing it, but that is no guarentee it will work

you can add somthing like an SPF record to your domain DNS, but that will only stop the mail being delivered to customers who use the SPF setup

changing the password would stop them sending if they were sending through bt/Microsoft servers but they

sorry i can't be of more help but just putting into perspective what has happened,

stankubrick · ‎04-02-2016

Thanks for the explanation, unfortunately I have no idea what an SPF record is and have no idea how to implement it, but it sounds like a good idea although I don't know how it will help?

I eventually got through to someone at the BT Fraud team, they were pretty useless, sugesting I have Malware (seems very unlikely given the precautions I have taken) and just came up with the sugestion that I use some service they provide for which I would have to pay. Seems odd as I pay through the nose for my Business Broadband and get even less that I would for my money if I was a domestic customer (no BT Sport)! I don't think they even understood what the problem was!

The problem does not seem to be related solely to my account as of the 40 or so spam emails I receive per day at the moment, half of them are fom Btconnect email addresses. I even recognised one of the addresses as someone I do business with so I contacted them. They are in the same helpless boat as myself with BT holding their hands up and doing nothing.

The only reason I stay with BT is because I use my email address for my own business and to change it will probably cost me money in lost work and revenue through my Business, the one reason I'm with BT is the biggest failing!