cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Expert
431 Views
Message 1 of 6

Complaint re BTYahoo server hacked last year

Most will be aware of this dreadful episode thoroughly covered (but with no real answers from BT) in this thread:

 

https://community.bt.com/t5/Email/BT-email-accounts-hacked/td-p/796762

 

I am the secretary of a local Crown Green Bowling Club and  I'd previously set up a BT email address (sub-account) for the club so that by enabling the Out of Office members emailing that address would immediately receive a "What's On" reply.

 

As soon as I heard about the BTYahoo server debacle - and BT's pathetic response - I closed that email address and set up a new one on gmail.

 

I have just received an email from the old (BT) email address, containing just a two-line link so it seems that that email sub-account has been compromised.

 

I am about to make a strong complaint to BT and to the Information Commissioner about BT's failure to remove the sub-account.

 

In the meantime, does the fact that a sub-account has been compromised mean that the main account has also been compromised?

I've checked my log-in history but that of course only shows two days' activities!

 

EDIT: I have of course emailed all the members to tell them not to open the email.

0 Ratings
5 REPLIES 5
Recognised Expert
416 Views
Message 2 of 6

Re: Complaint re BTYahoo server hacked last year


@Taffy078 wrote:

Most will be aware of this dreadful episode thoroughly covered (but with no real answers from BT) in this thread:

 

https://community.bt.com/t5/Email/BT-email-accounts-hacked/td-p/796762

 

I am the secretary of a local Crown Green Bowling Club and  I'd previously set up a BT email address (sub-account) for the club so that by enabling the Out of Office members emailing that address would immediately receive a "What's On" reply.

 

As soon as I heard about the BTYahoo server debacle - and BT's pathetic response - I closed that email address and set up a new one on gmail.

 

I have just received an email from the old (BT) email address, containing just a two-line link so it seems that that email sub-account has been compromised.

 

I am about to make a strong complaint to BT and to the Information Commissioner about BT's failure to remove the sub-account.

 

In the meantime, does the fact that a sub-account has been compromised mean that the main account has also been compromised?

I've checked my log-in history but that of course only shows two days' activities!

 

EDIT: I have of course emailed all the members to tell them not to open the email.


Before you complain have you checked that the subaccount has been used to send the email ?

It could be that it has actually been sent from another account with the subaccount address only being used to say that is the account the email is from.

0 Ratings
Expert
377 Views
Message 3 of 6

Re: Complaint re BTYahoo server hacked last year


@vofsanity2 wrote:

 

Before you complain have you checked that the subaccount has been used to send the email ?

It could be that it has actually been sent from another account with the subaccount address only being used to say that is the account the email is from.


How can I check that, please? I deleted the sub-account in March 2013.

Are you saying that another sub-account might have been used, or my main one?

0 Ratings
Recognised Expert
356 Views
Message 4 of 6

Re: Complaint re BTYahoo server hacked last year


@Taffy078 wrote:

@vofsanity2 wrote:

 

Before you complain have you checked that the subaccount has been used to send the email ?

It could be that it has actually been sent from another account with the subaccount address only being used to say that is the account the email is from.


How can I check that, please? I deleted the sub-account in March 2013.

Are you saying that another sub-account might have been used, or my main one?


No. It is very easy to send an email and make it appear that it is from another account.

 

You need to check the header information of the email and see what account it was sent from.  The displayed account is highly likely to be incorrect in the situation you describe here.

0 Ratings
Distinguished Guru
350 Views
Message 5 of 6

Re: Complaint re BTYahoo server hacked last year


@Taffy078 wrote:

Most will be aware of this dreadful episode thoroughly covered (but with no real answers from BT) in this thread:

 

https://community.bt.com/t5/Email/BT-email-accounts-hacked/td-p/796762

 

I am the secretary of a local Crown Green Bowling Club and  I'd previously set up a BT email address (sub-account) for the club so that by enabling the Out of Office members emailing that address would immediately receive a "What's On" reply.

 

As soon as I heard about the BTYahoo server debacle - and BT's pathetic response - I closed that email address and set up a new one on gmail.

 

I have just received an email from the old (BT) email address, containing just a two-line link so it seems that that email sub-account has been compromised.

 

I am about to make a strong complaint to BT and to the Information Commissioner about BT's failure to remove the sub-account.

 

In the meantime, does the fact that a sub-account has been compromised mean that the main account has also been compromised?

I've checked my log-in history but that of course only shows two days' activities!

 

EDIT: I have of course emailed all the members to tell them not to open the email.


Hi.

 

Headers ?

 

When you say "closed" the email address, what do you mean ?

 

Don't forget, spammers trivially spoof any email address as the From address - including invalid syntax, real accounts and ones that have never been used or deleted. I've seen all these types, and some would never exist.

0 Ratings
Expert
327 Views
Message 6 of 6

Re: Complaint re BTYahoo server hacked last year

@vofsanity2: Thanks - that's a relief. I just went to check the header on the email and found that the offending email is no longer there! I've certainly not deleted it and checks using MBAM & SuperAntiSpyware have found no  evidence that my PC has been compromised. That's another blasted mystery, and the end of the complaint that I intended to make - for now. (Perhaps I'll receive another such email.)

 

@Andy_N: Hi. By 'closed', I meant 'deleted', using Tools/Mail Options/Mail Accounts.

0 Ratings