
email support

Ask us about your TalkTalk email account and Webmail.

Scammer has access to my account, cannot get them out

TandT
Newbie
Message 4 of 4
I have an old Tiscali email that I use through TalkTalk webmail.
 
My contacts have been receiving scam emails from my account. It is not spoofing; the email is coming from the genuine account and the reply-to is going to the same account.
 
On the security settings, it keeps showing several instances of "OX App Suite" which I do not use. Despite changing my password and clicking "sign out from all devices" they keep regaining access.
 
The scammer keeps setting a mail rule to filter incoming replies into the archive and auto forward to their email address.
 
What can I do to keep them out??? It is deeply concerning that they have full access to the account, and the sign out from all devices doesn't seem to do anything.
 
There also seem to be some serious flaws in the security settings - the option to reset a password by sending an email to the account itself seems open to abuse (this seems to be what they are using), as does the ability to change recovery phone number/email address from the account menu without any security verification.
 
Any help would be greatly appreciated.
0 Likes
3 REPLIES 3

Message 1 of 4

Sorry, I can't answer that.

 

How do you access your account? Webmail or third party client?

 

If the latter, maybe log in via the Web and see if there is anything there that may help or vice versa, download something like Thunderbird, Bluemail or another, log in to your account and see if that has 2fa that may help.

Please remember to mark Solved Posts with Best Answer. Doing so helps other customers and saves TalkTalk's Support Team time by only looking at unsolved topics. Thanks, Steve (a fellow customer).
0 Likes

Message 2 of 4

Hi fr8ys, thanks for such a thorough response!

 

- Yes, virus scan run on all devices used to access the account on, nothing found. Since the issue started I have only been using a new device that has not been used with this account before, so should be clean.

- Password changed several times, new and unique each time

- Have been deleting the rules each time they have been created - they have been active a couple more times today but not set any new rules (started Thursday/Friday). Password reset by them and then me each time.

- Recovery accounts set, and confirmed that they are not compromised

- No 2fa possible unfortunately

- Possible that it was started by a dodgy link click, fairly confident it hasn't happened again though. Being very careful with anything sent and received.

 

Do you know if there is any way for a 3rd party client to bypass the need to login to access incoming emails? They appear to be using the option to change the password by sending an email to the account itself, even after "sign out of all devices" is clicked. Is it possible to disable this option so it can be done by recovery email/phone only?

 

At this point it doesn't matter a great deal, as soon as I am done changing over some accounts and saving my data I will be deleting the account. It would just be nice if they couldn't carry on in the meantime!

0 Likes

fr8ys
Community Star
Message 3 of 4

Have you run a virus and malware scan on all devices you use your email on? If not, do so as soon as possible as it's possible you have downloaded a programme that is allowing the scammers to keep gaining control.

 

Change your password to one you have never used before.

 

Then clear any forwarding rules set up.


Download or export your contact list so you don't lose it. Scammers sometimes maliciously delete this.

 

Change your recovery rules. If you don't have an alternative email address, set up a free Outlook or Google account and use this going forward.

 

I'm not sure if it's possible, so check the help function and search 2fa or two factor authentication. If it's possible, set this up using your mobile and an alternative email address.

 

Hopefully following this you will regain control of your account.

 

Did you by any chance respond to a verify your email address email with a link? If so, this is probably how they gained control of your account. It is important not to click on links in any suspicious emails asking for verification where you have not initiated the request. It may be that this has been resent by scammers after you've locked them out and you thought it was a genuine step. If you get one after regaining your account, just delete it.

 

Also delete any emails and responses received sent by scammers from your account and be aware that some of your contacts may also have fallen victim themselves, so be wary of any emails you receive that have links in them.

 

Apologies if you are already aware of these facts but thought it better to be thorough.

 

Hope this helps

Please remember to mark Solved Posts with Best Answer. Doing so helps other customers and saves TalkTalk's Support Team time by only looking at unsolved topics. Thanks, Steve (a fellow customer).
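
Added example, not part of the thread and not TalkTalk's or OX App Suite's own code: a Python audit for the rule pattern described in the original post, where a mail rule forwards messages to an outside address and files them away from the inbox. It assumes the mailbox rules are available to an administrator as Sieve script text; the sample rules, addresses, folder names and the `audit` function are constructed for illustration, and only simple un-nested rule blocks are handled.

```python
import re

# Constructed sample rules; addresses and folder names are made up.
SAMPLE_SIEVE = '''
require ["fileinto", "copy"];
if header :contains "List-Id" "news.example.org" {
    fileinto "Newsletters";
}
if header :contains "Subject" "Re:" {
    redirect :copy "collector@mailbox.example.net";
    fileinto "Archive";
    stop;
}
if address :is "From" "bank@example.com" {
    redirect :copy "me@owner.example";
}
'''

BLOCK = re.compile(r'\{([^{}]*)\}')  # innermost action blocks only
REDIRECT = re.compile(r'\bredirect\b[^;"]*"([^"]+)"', re.I)
FILEINTO = re.compile(r'\bfileinto\b[^;"]*"([^"]+)"', re.I)
# Folders where a victim is unlikely to notice incoming replies.
HIDING_FOLDERS = {"archive", "trash", "junk", "spam", "deleted items"}

def audit(script, trusted_domains):
    """Return one finding per rule that forwards mail outside trusted_domains."""
    trusted = {d.lower() for d in trusted_domains}
    findings = []
    for number, block in enumerate(BLOCK.finditer(script), start=1):
        actions = block.group(1)
        external = [a for a in REDIRECT.findall(actions)
                    if a.rsplit("@", 1)[-1].lower() not in trusted]
        if not external:
            continue
        # Forwarding combined with hiding the original is the takeover signature.
        hidden = (any(f.lower() in HIDING_FOLDERS for f in FILEINTO.findall(actions))
                  or re.search(r'\bdiscard\b', actions, re.I) is not None)
        findings.append({"rule": number, "forwards_to": external,
                         "hides_from_inbox": hidden,
                         "severity": "high" if hidden else "review"})
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_SIEVE, trusted_domains={"owner.example"}):
        print(finding)
```

Rules flagged `high` should be removed and the forwarding address recorded before the password and recovery details are changed again.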