This topic https://community.bt.com/t5/General-email-queries/Friends-email-has-been-hacked/m-p/2390651#M114906 <P>Hi Guys</P><P>New here and quite savvy re IT. I had a call from my friend saying his email account had been hacked so logged into him remotely to have a look. I had to reset his password so I did that ok. I then checked his inbox and had this come up...</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="screenshot.jpg" style="width: 999px;"><img src="https://community.bt.com/t5/image/serverpage/image-id/84799i394E56F47BA47D6A/image-size/large?v=v2&amp;px=999" role="button" title="screenshot.jpg" alt="screenshot.jpg" /></span></P><P>I went to mail forwarding and saw that this was turned on with a bogus gmail address to forward to. I deleted the gmail address and turned off mail forwarding.&nbsp; logged out and back in and he started to get some emails. I went&nbsp; back to look at the mail forwarding as the same message popped up and it was back again with the same bogus gmail&nbsp; address??. I have now set two factor authentication on and also changed the security question and have again reset the password. So I think I have covered everything regarding ensuring all the security precautions are in place.</P><P>The problem is that this mail forwarding keeps re enabling every 10 minutes or so. The hacker is not logging in to change it as we would know by the 2 factor authentication as my mate would get a text with the 4 digit key.&nbsp; Other people on this community have had this and I cant seem to find a solution to stop this re enabling. It has to be something set up within his account that is auto checking and turning it back on. Any help here appreciated Guys</P><P>&nbsp;</P><P>Thanks Steve</P> Sun, 23 Jun 2024 11:49:05 GMT steve67474 2024-06-23T11:49:05Z Friends email has been hacked https://community.bt.com/t5/General-email-queries/Friends-email-has-been-hacked/m-p/2390651#M114906 <P>Hi Guys</P><P>New here and quite savvy re IT. I had a call from my friend saying his email account had been hacked so logged into him remotely to have a look. I had to reset his password so I did that ok. I then checked his inbox and had this come up...</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="screenshot.jpg" style="width: 999px;"><img src="https://community.bt.com/t5/image/serverpage/image-id/84799i394E56F47BA47D6A/image-size/large?v=v2&amp;px=999" role="button" title="screenshot.jpg" alt="screenshot.jpg" /></span></P><P>I went to mail forwarding and saw that this was turned on with a bogus gmail address to forward to. I deleted the gmail address and turned off mail forwarding.&nbsp; logged out and back in and he started to get some emails. I went&nbsp; back to look at the mail forwarding as the same message popped up and it was back again with the same bogus gmail&nbsp; address??. I have now set two factor authentication on and also changed the security question and have again reset the password. So I think I have covered everything regarding ensuring all the security precautions are in place.</P><P>The problem is that this mail forwarding keeps re enabling every 10 minutes or so. The hacker is not logging in to change it as we would know by the 2 factor authentication as my mate would get a text with the 4 digit key.&nbsp; Other people on this community have had this and I cant seem to find a solution to stop this re enabling. It has to be something set up within his account that is auto checking and turning it back on. Any help here appreciated Guys</P><P>&nbsp;</P><P>Thanks Steve</P> Sun, 23 Jun 2024 11:49:05 GMT https://community.bt.com/t5/General-email-queries/Friends-email-has-been-hacked/m-p/2390651#M114906 steve67474 2024-06-23T11:49:05Z