cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
actionfamily
Beginner
904 Views
Message 1 of 4

Re: Someone else had my BTInternet email address!

Was this ever sorted? I have had and used regularly a btinternet email account for the last 10 years. Three days ago I had an email from BT with a link to confirm the email on my new BTid. I haven't got a BTid as my email is a secondary account under my dads primary account so he has the BTid linked to his email. I thought it was spam so I deleted it. Within hours I started getting messages for a guy with the same surname and first initial. Later that day I received notification that my password had been changed, wasn't me so I changed it back, then countless messages for this new guy. I live chatted and expressed my concern that someone had been issued my email but it was stressed that no one could possibly be issued my email address. The following day I was notified of yet another password change, so I change it back again and log on to find all my profile info has been changed to his info including his mobile number so I ring it. He says he was issued the email address when he opened a new account three days ago, he wondered about the other info and folders and he was already on the phone to BT and they'll sort it Monday morning. Not good enough, this guy has had access to emailed bank statements, payslips and client invoices. I get straight on the phone and explain to CS who agree (including supervisor giving advice in background) it sounds like that's what has happened and pass to tier 2. After 1hr15mins on phone, tier 2 say it's impossible and I'm the victim of a sophisticated hacker! Yes of course! A sophisticated hacker that's so dumb I now have his name, mobile number and address. He seems genuine and as baffled as me. Tier 2 guy promised me a call back last night as I was unable to produce the primary account holder and he refused to speak to me. Needless to say I didn't get that call back!!! I'm fuming now!!! What can I do?
0 Ratings
3 REPLIES 3
NeilO
Moderator
Moderator
898 Views
Message 2 of 4

Re: Someone else had my BTInternet email address!

Hi actionfamily,

 

I'm really sorry about the problems with your email, I've started your own thread as the one you've posted on was quite old. If you need any help with this please use the 'contact the mods' link in my forum profile to send in your details. You can find the link by clicking on my username.

Thanks

Neil

0 Ratings
NewOld
Beginner
771 Views
Message 3 of 4

Re: Someone else had my BTInternet email address!

Exactly same experience! My btinternet.cm email address (rarely used) became inoperative sometime in the last six months. An email address I've had for probably about 15 years!.

Password reset became impossible. And the BT 'Help' screens were useless, kept returning me to the first help screen, and no telephone contact number was provided. Eventually I contacted someone, and they reset my password. 
And I was able to access my email account, which was being actively used by someone else!

 

In a state of shock I phoned BT. After carefully considering the info they had and verifying my identity, they confirmed that this was indeed my account but said that it had evidently been hacked and used by someone else. But that it was now back in my control.

 

Concerned that I now had access to all of the OP's emails, and their Yahoo account, I phoned again. The CS agent was comfortable with this, and said if the OP makes a complaint that they can no longer access 'their' email account, that BT have a way of discretely dealing with this, without inplicating me in all the aggravation the OP would experience.

 

That fact that two people can have the same email address is crazy! 

 

Will I report it the Office Of Information or not is another matter? Can I be bothered?

Maybe life's too short. 

0 Ratings
Andy_N
Distinguished Guru
746 Views
Message 4 of 4

Re: Someone else had my BTInternet email address!


@NewOld wrote:

Exactly same experience! My btinternet.cm email address (rarely used) became inoperative sometime in the last six months. An email address I've had for probably about 15 years!.

Password reset became impossible. And the BT 'Help' screens were useless, kept returning me to the first help screen, and no telephone contact number was provided. Eventually I contacted someone, and they reset my password. 
And I was able to access my email account, which was being actively used by someone else!

 

In a state of shock I phoned BT. After carefully considering the info they had and verifying my identity, they confirmed that this was indeed my account but said that it had evidently been hacked and used by someone else. But that it was now back in my control.

 

Concerned that I now had access to all of the OP's emails, and their Yahoo account, I phoned again. The CS agent was comfortable with this, and said if the OP makes a complaint that they can no longer access 'their' email account, that BT have a way of discretely dealing with this, without inplicating me in all the aggravation the OP would experience.

 

That fact that two people can have the same email address is crazy! 

 

Will I report it the Office Of Information or not is another matter? Can I be bothered?

Maybe life's too short. 


Hi. Welcome to the forums.

 

2 people can't have the same email address.

 

What usually happens is that the second person believes that they have an address, for a variety of reasons. They think their name might be unique, they may have got the "." in the wrong place, or indeed added a "." - similar to btcom, bt.com or btc.om - not added a digit to the email address and many other reasons. Some people believe that the email address is a "given" rather than them signing up for an address which needs to be unique and not taken.

 

What happens then is the second person contacts the helpdesk saying that they can't login to their email address. Unfortunately over the years, the helpdesk have been extremely poor and lax in their security. The email address password should NOT be given or reset without the correct answers to the security questions. Without these, the account holder should be sent a letter saying that a password reset request has been asked against the account.

 

The useless helpdesk will give a new password to the caller (without knowing if they are actually the correct account holder) - and hence then lockout the real holder.

 

Depending on how the account is accessed (webmail or mail client), the new holder could see all sorts of things if the original holder kept their stuff on webmail.

 

This new holder may then change the settings to alter the security questions and answers, so a password reset by the original holder is not possible without contacting the helpdesk.

 

Now that you have contacted the helpdesk, I assume you somehow managed to convince them of your identity by other means ? Were all the security questions/answers different ?

 

 

After you have seen the content of the email account, it would be obvious if it was hacked or not - that would be completely different to my information above. A hacker would usually not do anything except perhaps set up a forwarding email to a non specific account like gmail or hotmail. They certainly wouldn't leave a trace of sent emails etc.

 

I don't believe the helpdesk saying it was hacked at all, it was them that gave access to the new person.

 

AND - it is likely to happen again.

 

If there are any easy emails to access, say giving a likely address or other contact details - including their friends' email addresses - it might be worth contacting them yourself saying what has happened, and how did they manage to take over your email address.

 

Do not rely on the helpdesk at all.

 

 

As an aside, make sure you access your account at least once every 150 days (I think this is still in place), otherwise the account will be set as inactive and be lost. At that point I believe it will not be available for anyone.

0 Ratings