on 06-10-2018 11:04 AM
Hi, Please help!
I'm another ex-Pipex customer who has received an email. It states a hacking group has hackedinto my account.
The hackers included a password (NOT the one I use to log into Pipex Webmail) however it IS a one I have used on other site. Also, the email did appear to be sent sent directly from my pipex account. They are also demanding money.
What is the best way to procede? Best to delete/de-activate the account? How do I go about this? Do I need to forward the email anywhere?
Appreciate any help you can provide...
on 12-10-2018 10:49 AM
on 11-10-2018 09:51 AM
10-10-2018 09:43 PM - edited 10-10-2018 09:44 PM
Thanks for that,
I have now changed all accounts that use the pipex email address, therefore could I please request the account be suspended.
on 08-10-2018 12:43 PM
Hi WasPipex, I've raised the fault ticket for you. Pipex mailboxes have to be reset by the Email Admins this means it can take 3-5 working days for them to be completed. If you haven't heard anything by Thursday post to let me know.
07-10-2018 12:37 PM - edited 07-10-2018 02:01 PM
The pipex domain comes under the TalkTalk Business umbrella. The secure webmail login is https://netmail.pipex.net/index-ttb.php
Internet browsers do provide warnings of http connections both in the form of the red strike through grey padlock and an on screen pop-up under the login area warning "This connection is not secure".
The homecall domain login is part of the legacy insecure email service provided by homecall. The service is entirely insecure and unencrypted so the login being insecure rather follows that pattern.
Regarding the password change for pipex, there is no user ability to change the password but you've got a request in for a password change right here.
However, it's not a problem to change that to a suspension of the email account so nobody can use it. The account will not be deleted just yet and TalkTalk are not permitted to delete it. However, by putting the account into suspension will make it inactive. After 180 days the system will flag it for deletion for non-use and then after a year the system will totally delete all contents.
So, if you've downloaded everything you need, would you like to have the account suspended?
07-10-2018 11:58 AM - edited 07-10-2018 12:02 PM
Thanks for the response Gondola,
1) Could you advise how I would either close the account, or at least change the associated password, as I cannot find a way to do so through the webmail interfaces.
2) Also, there are two seperate sites where I can read my mail, one of which is apparently unsecure
(site is titled TalkTalk Business, and yes I can login and se my mails)
(original default 'Pipex' page 'powered by TalkTalk')
I see the same emails in both sites, so it is the same account being used.
**IMPORTATNT When accessing via http://webmail.homecall.co.uk/webmail?index=1 I recceive a notfication from my AntiVirus client (BitDefender) stating...
"...This page was blocked for your protection (http://webmail.homecall.co.uk/webmail?index=1 )
An attempt to send your password unencrypted, in plain text, was prevented on this page. View more details in the Notifications area of your Bitdefender security solution"
I checked and it appears I can use HTTPS for this site https://webmail.homecall.co.uk/webmail?index=1 which removes the issue of the password being sent unencrypted.
If that is the case then I think there should be notification sent to all ex-Pipex customers making them aware that they should switch to using https if the are using that site for access to mail.
Idealy, I would like to delete the account. I'm currently making my way thorough my site list and changing the login email details to use other accounts.
on 06-10-2018 11:19 AM
There seems to be a spate of blackmail scam emails targeting pipex email addresses. These simply spoof the sending email address and invent the fake allegations.
They may have obtained a password that they've linked to you from another site hack. It's not your pipex password so unlikely that your pipex account has been hacked. Stay calm, don't worry and above all don't respond in any way.
But if your pipex email password is weak, had been cracked or obtained from another website hacking and your email account potentially compromised as a result then of course it's vital to get it secured and a new ultra-strong password provided for you.
You'll need to prove you're the legal owner of the email with 5 items of personal data that only you would know.
Apologies if I'm repeating stuff you've already done but double check that you've added to your Community Profile, Personal Information (Click here) all of the following in the Private Notes area at the bottom of the page (To which only you and authorised TalkTalk Community Team UK staff have access):
This topic has been escalated to the TalkTalk Community support team to verify the details recorded for the owner of the email address. The email expert will reply here to help with authorising the password change by the pipex email admins. Expect a reply from Monday onwards.
Scan all your devices with anti-virus and anti-malware software solutions just to make sure passwords aren't obtained by keyloggers.
If you've used the same password elsewhere then do update those passwords with ultra-strong multi-case letters, numbers and allowed symbols of at least 10 characters (is my minimum recommendation). Advice from CyberAware about passwords. Advice from GetSafeOnline about passwords.
If you don't know how your password for another website was obtained then try the haveibeenpwned site as that lists many known hacks and may be useful to identify where your data may still be compromised.
If you discover any fraud then the place to report that is ActionFraudUK.