Reply
Contributor
wingers
Posts: 63
Registered: ‎20-09-2012
0

BT email accounts hacked

Hi

 

I run a computer support business and over the last few days over 60 of my customers have had their email accounts hacked and spam email sent out to everyone in their address books

 

I have virus scanned most of the computers and all are clean - so it appears the webmail password was hacked and someone gained access

 

This happens quite regularly now with BT - but I don't see it hardly ever with other email providers and I have a lot of customers

 

What is BT doing about this -as I have a lot of angry customers who are ready to leave BT and go elsewhere if you cannot improve your security!

 

I know in some cases it is not always your fault and down to customers choosing stupid passwords, but not helped when your helpdesk resets passwords to things like welcome1 or london12 and the customer then never resets them (when threy should be forced on first login to change them)

Distinguished Guru
DS
Posts: 7,684
Registered: ‎27-01-2010
0

Re: BT email accounts hacked

Contributor
wingers
Posts: 63
Registered: ‎20-09-2012
0

Re: BT email accounts hacked

yes already seen that - not exactly helpful - I and my customers want to know why hacked in first place - and how it can be marked as resolved I don't know, as since posting first email I have had two more customers report the issue

Distinguished Guru
DS
Posts: 7,684
Registered: ‎27-01-2010
0

Re: BT email accounts hacked


wingers wrote:

yes already seen that - not exactly helpful - I and my customers want to know why hacked in first place - and how it can be marked as resolved I don't know, as since posting first email I have had two more customers report the issue


I agree. BT just stating a virus doesn't give too much away now does it:smileysad:

 

Though, luckily for me, I've been through all my BTY email accounts and none of mine have been compromised.

 

Do your customers use BTNetprotect for their AV?

 

I'm using MSE (with other app's)

-+-No longer a forum member-+-
Contributor
wingers
Posts: 63
Registered: ‎20-09-2012
0

Re: BT email accounts hacked

no but that does seem BT's way - don't give too much information!

 

Most of my customers use AVG internet security for protection

Guru
Andy_N
Posts: 3,474
Registered: ‎31-01-2010
0

Re: BT email accounts hacked


wingers wrote:

Hi

 

I run a computer support business and over the last few days over 60 of my customers have had their email accounts hacked and spam email sent out to everyone in their address books

 

I have virus scanned most of the computers and all are clean - so it appears the webmail password was hacked and someone gained access

 

This happens quite regularly now with BT - but I don't see it hardly ever with other email providers and I have a lot of customers

 

What is BT doing about this -as I have a lot of angry customers who are ready to leave BT and go elsewhere if you cannot improve your security!

 

I know in some cases it is not always your fault and down to customers choosing stupid passwords, but not helped when your helpdesk resets passwords to things like welcome1 or london12 and the customer then never resets them (when threy should be forced on first login to change them)


Hi.

 

Have you asked these "customers" if they have received anything recently, or clicked on anything not expected ? Do they all use the same things like facebook or other social sites ? Are they connected in anyway, or have they just come to you for help ?

 

If I may be frank, why did they come to you initially rather than contacting the free BTinternet helpdesk ?

 

Webmail password change is the same for all ISPs, not Yahoo! specific. If the helpdesk gives the user a new password, then really it should be down to the user to make sure they alter it themselves. Clearly people don't do this, but even if the helpdesk said to do it - some people will still not do this.

 

You say you don't see it hardly with other email providers, that implies that it does happen. What other mail providers for example ? BTYahoo! is one of the largest in the UK, so it's not unlikely that more would be seen than for some other ISPs.

Contributor
wingers
Posts: 63
Registered: ‎20-09-2012
0

Re: BT email accounts hacked

from the ones I have spoken too - no they didn't click on any strange emails, they certainly didn't give someone the password and some use facebook etc, others don't

 

Because I am the person who provides IT support to them - so they always come to me first to ask advice - they find they get a better service than when speaking to India or some other far flung place after being on hold for ages etc

 

But it would be so simple to force a change after first login - just like you do with a domain user accounts in a work environment

 

I don't see it hardly with others is correct, one every few weeks/months - not coming up to 80 in 2 days like with BT this weekend!

Guru
Andy_N
Posts: 3,474
Registered: ‎31-01-2010
0

Re: BT email accounts hacked


wingers wrote:

no but that does seem BT's way - don't give too much information!

 

Most of my customers use AVG internet security for protection


No AV program will stop users from clicking links, or responding to phish emails etc. Not all hacks are virus/trojan etc, a lot is now by social engineering or plain old responding to an unsolicited email, or even a phone call from someone saying they are from Microsoft or BT etc - telling them they have a problem, and getting them to use teamviewer or other similar program to gain remote access.

 

 

Contributor
wingers
Posts: 63
Registered: ‎20-09-2012
0

Re: BT email accounts hacked

yes quite aware of this - worked in IT for a long time running my own support business so come across all of this regularly - but I know my customers and a lot of the ones affected just wouldn't click on unknown links or fall for the scam phone calls etc - so there is more to how the these accounts were hacked - I suspect something internally in BT, or BT themselves getting hacked and the details being stolen and them just not telling us

 

Guru
Andy_N
Posts: 3,474
Registered: ‎31-01-2010
0

Re: BT email accounts hacked


wingers wrote:

from the ones I have spoken too - no they didn't click on any strange emails, they certainly didn't give someone the password and some use facebook etc, others don't

 

Because I am the person who provides IT support to them - so they always come to me first to ask advice - they find they get a better service than when speaking to India or some other far flung place after being on hold for ages etc

 

But it would be so simple to force a change after first login - just like you do with a domain user accounts in a work environment

 

I don't see it hardly with others is correct, one every few weeks/months - not coming up to 80 in 2 days like with BT this weekend!


Granted it does seem extraordinary to happen like this, and clearly something has happened. The thing to do is find out what it was.

 

Are these people regular customers, or are most of them new clients ?

 

For it to be this many that you've dealt with, to me it would seem likely to be something common - and I expect they must all be pretty local too, or is it by phone call ?

 

I do agree about the password scenario to a certain extent, in other words a flag set by the admin when they alter the password so the user is informed to alter it. However this would have to apply to every ISP, mail provider - and is actually likely to cause even more issues where people have to alter via a web access, then go into their mail clients and other connected devices to alter the passwords. It's not a simple one change.

Not everyone uses webmail, so they would have to use that in order to change a password, since things like Thunderbird, Outlook, and pretty much every other mail client would not do it.

 

Like I said at the start, a common problem seems to have occured, which needs to be isolated.