Email hacked

November 19, 2012

Last week, one of my customers had her BTinternet email hacked. The first she knew of it was when people in her contact list started to receive emails saying that she had been mugged at gun point in the Philippines and had no money.  Could they send … Needless to say, she was here at home in Thanet.

She used webmail but allowed her computer to remember the password so that she did not have to type it in each time.   She did have a very good security program installed in the PC although some applications may have needed updating.  When we logged onto her email we found that the Inbox was empty and that her Contacts had been cleared out.  We changed her password to something relatively strong using upper and lower case plus numbers.  I wanted to put in some *s as well but the BT system would not accept them.

Normally changing the password prevents further attack.  In this case I was called back the following day as no emails were being received.  When I checked this out, I found that emails could be sent but nothing would come into the Inbox on the BT server.  Where they went is anyone’s guess.  Emails using that address were being diverted somewhere out in the ether and never arrived at BT.  All we could then do was to set up a completely new email address.

The ultimate cause of this problem has left me guessing.  I just don’t know where the hacking initially occurred.  At the customer’s PC or somewhere else.  All I can suggest you should do to try and keep secure is 1) don’t leave your email logged in, 2) have a good quality Internet Security Suite and 3) make sure that your computer is fully up-to-date with Windows updates, updates for Flash, Java and any third party browser such as Firefox, Google Chrome etc.