cancel
Showing results for 
Search instead for 
Did you mean: 

Email Account Hacked & Spam Settings

cornbunting
Hooked
Posts: 6
Thanks: 1
Registered: ‎11-05-2023

Email Account Hacked & Spam Settings

My email account was hacked a couple of months ago.  They listed my email account password.  We have our own domain name and I am a secondary account.  I changed the password on the secondary email account immediately.  I can still log into Webmail.  I looked at that site mentioned in another thread and it confirmed my email account has been hacked via a data breach.

 

I am still getting many nuisance emails (mail delivery failures, Amazon emails in Italian about orders, postmaster failures).  I don't click on anything and delete them permanently.  Initially my Netflix account was also hacked twice.  I changed my password on important accounts that don't have two factor authentification.

 

I got another nasty email last week asking for a ransom with usual threats about porn, (watching me on my camera) trojan installed, I have your contacts etc.  As I never look at porn and have no interest in it I know they are trying it on.  I can imagine it would panic many users though.

 

I called Plusnet Support for advice and they guided me to Spam filter and I spent several hours just putting in the last week or so nuisance emails that I hadn't deleted.  I kept getting Error 503 after update settings I think it was because I was putting too many spam entries in the box, so I put blocks in and the settings then updated.

 

I doubt very much this will stop the nuisance emails because every address they are from is different (other than the Amazon emails in Italian which may stop as they are the same each time, depending on the type of email, e.g. thank you for your order, order on way, order despatched etc).  The two nasty emails are also from different addresses.  

 

Can anyone offer any advice to stop this?  

 

I am sick of these data breaches.  We finally got a letter from Capita last week to inform us that there had been a data breach on a pension and providing us with 12 months of a credit check search.  In the letter said the data breach had also been our bank details!  It is appalling that no compensation is provided.  

 

Thanks for any help.

8 REPLIES 8
Townman
Superuser
Superuser
Posts: 24,107
Thanks: 10,266
Fixes: 176
Registered: ‎22-08-2007

Re: Email Account Hacked & Spam Settings

There is nothing you can do to close the door on this one.

Sadly this is a stark illustration of the consequences of having just one email address.  One of the great features of the Plusnet email service is the ability to have unlimited email addresses, be they actual mailboxes, address aliases or redirects.

Personally I use the CATCHALL facility which delivers all inbound mail to the default mailbox if the bit before the @ does not match a defined email address.  That allows anything@ to route to the default mailbox and I can then use a distinct email address with EVERY business.

If that business then gets hacked, you can change the email address used for that business and direct the old email address to the email black hole.

For example if you used amazon@ for only Amazon, if that email address got leaked, you give Amazon a new address (amazon2@) and consign amazon@ to a black hole service.

That limits your exposure, clearly identifies where the leak was and minimises the after event mitigation actions.

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

cornbunting
Hooked
Posts: 6
Thanks: 1
Registered: ‎11-05-2023

Re: Email Account Hacked & Spam Settings

That seems very impractical.  There are possibly hundreds of retailers, service providers, family, friends and other contacts in most people's lives.  

If I am understanding this correctly you create a separate email account for every one?

 

Townman
Superuser
Superuser
Posts: 24,107
Thanks: 10,266
Fixes: 176
Registered: ‎22-08-2007

Re: Email Account Hacked & Spam Settings

No, not impractical if you understand how things work.  There is a significant difference between an email account (mailbox) and an email address.

An email box can have multiple email addresses, similar to the letter box in your front door, through which anything addressed to your house (@your domain name) drops on to the door mat regardless of being addressed to husband, wife, son, daughter, dog or cat.  They are all "collected" by your door mat.

If your door had multiple letter boxes with different names on, the postie could put the each letter in the right box depending the addressee name.  Any letters for which there is no matching box either gets put into the one (also) marked as default (aka CATCHALL) or does not get delivered (returned 'no such addressee here').

So if you know what you are doing and are using a decent email service [domain] (that is not @gamil.com, @outlook.com, @yahoo.com etc), then this is exceedingly practical, something I have been using with no great hassle for many years.

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

Anonymous
Not applicable

Re: Email Account Hacked & Spam Settings


@cornbunting wrote:

 

If I am understanding this correctly you create a separate email account for every one?


 

No, not a new account for each.

You have ONE email account to which all email is delivered.

However you use a different ALIAS for each contact.

Incoming email for every ALIAS arrives in one INBOX

Then you use your email client filtering rules to move unrecognised ALIAS / sender combinations to your SPAM folder.

In addition I would enable your email client SPAM filtering to learn the pattern of the SPAM messages - so that the email client SPAM tools can automatically filter junk messages.

 

For example -

Say your email client inbox is  "inbox@combunting.me.uk"

Then for example the email address you give Amazon might be  " amazon@combunting.me.uk"

When an email from something claiming to be Amazon arrives, it gets delivered to  inbox@combunting.me.uk

Your email client has a filtering rule that sees a new message in "inbox@combunting.me.uk" that says -

   IF message "To:" is equal to "amazon@combunting.me.uk"  AND  "From:" contains "@amazon.com"

   THEN keep the message (or move to a folder of checked messages)

   ELSE move the invalid message to SPAM folder (or DELETED folder)

 

 

Similarly you might give Tesco your address as  tesco@combunting.me.uk, and have a separate rule for that, etc

 

 

Because of various Plusnet email breaches, I have been doing the above for over a decade, and probably receive more than 3500 unwanted messages a day, but perhaps three unwanted messages per month get past my email filtering as described above.

.

Townman
Superuser
Superuser
Posts: 24,107
Thanks: 10,266
Fixes: 176
Registered: ‎22-08-2007

Re: Email Account Hacked & Spam Settings

@Anonymous 

Neat, but would need a new inbox rule for each new alias.  Personally I just use the DEFAULT mailbox as a "sin bin".  That said for third parties with whom I have substantial correspondence (a charity I run, Plusnet, CAMRA [multiple roles] and in the past, the business) they have individual real email boxes.

3500 spam items a day is rough!  I also use Plusnet's blackhole redirection to stop delivery to known breached email aliases - that negates the need for client side process following the "cost" of downloading.  It also keeps workload off the other IMAP clients (phone & tablets).

Recently I set-up a new business service with Mythic Beasts and I quite like their any mailbox "wildcard" facilities...

sales.anything@mydomain.com goes to sales@mydomain.com

purchases.anything@mydomain.com goes to purchases@mydomain.com

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

Anonymous
Not applicable

Re: Email Account Hacked & Spam Settings

@Townman - I do ALL of those things AS WELL,  but didn't mention it so as not to confuse/overwhelm the OP

 


@Townman wrote:

 

Neat, but would need a new inbox rule for each new alias. 


 

I tend to use a separate email sub-folder for known contacts, to keep correspondence together in one place, so have a rule to move incoming messages to the relevant destination folder, so it makes hardly any extra work to also check the "From:" field in the same rule.

Champnet
Aspiring Hero
Posts: 2,905
Thanks: 1,089
Fixes: 15
Registered: ‎25-07-2007

Re: Email Account Hacked & Spam Settings

@cornbunting  If you’ve changed your password there’s not a lot more you can do. Eventually the unwanted emails will stop. In the meantime try not to open any obvious spam messages as you’re only confirming your existence.

cornbunting
Hooked
Posts: 6
Thanks: 1
Registered: ‎11-05-2023

Re: Email Account Hacked & Spam Settings

Yes, I don't open any spam messages.  I just copy the email address from the preview pane and add to blocked messages box under the Spam tab in the Account Details.

 

There's no way I can create an Alias for every person or organisation that emails me, and I always unsubscribe after a purchase.

 

I've had 3 spam messages today - mail delivery failures.  So I am hoping they eventually give up.