We use cookies on our website. By selecting Accept, you are agreeing to our cookies. Find out more about our cookies
Accept
Reject
Skip to main content

email support

Ask us about your TalkTalk email account and Webmail.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

PIPEX WEBMAIL ACCOUNT HACKED - 'Your account has been hacked'. Please assist!

WasPipex
Chatterbox

on ‎06-10-2018 11:04 AM

Message 10 of 10

 

Hi,  Please help!

 

I'm another ex-Pipex customer who has received an email.  It states a hacking group has hackedinto my account.

 

The hackers included a password (NOT the one I use to log into Pipex Webmail) however it IS a one I have used on other site.  Also, the email did appear to be sent sent directly from my pipex account.  They are also demanding money.

 

What is the best way to procede?  Best to delete/de-activate the account?  How do I go about this?  Do I need to forward the email anywhere?

Appreciate any help you can provide...

Mark Nilsen
0 Likes
9 REPLIES 9

Ady-TalkTalk
Support Team

on ‎12-10-2018 10:49 AM

Message 1 of 10

You're very welcome. 

Please log in to My Account if you need to view or pay your bill, manage boosts and track your usage. From My Account you can also check your connection and test your line for any issues in the Service Centre.

0 Likes

WasPipex
Chatterbox
In response to Ady-TalkTalk

on ‎11-10-2018 06:30 PM

Message 2 of 10

Thank you very much Ady, greatly appreciated…

 

Regards,

 

Mark N

Mark Nilsen
0 Likes

Ady-TalkTalk
Support Team

on ‎11-10-2018 09:51 AM

Message 3 of 10

I've changed the fault ticket to request suspension of the mailbox for you. 

Please log in to My Account if you need to view or pay your bill, manage boosts and track your usage. From My Account you can also check your connection and test your line for any issues in the Service Centre.

0 Likes

WasPipex
Chatterbox
In response to Ady-TalkTalk

‎10-10-2018 09:43 PM - edited ‎10-10-2018 09:44 PM

Message 4 of 10

Thanks for that,

 

I have now changed all accounts that use the pipex email address, therefore could I please request the account be suspended.

Mark Nilsen
0 Likes

Ady-TalkTalk
Support Team
In response to WasPipex

on ‎08-10-2018 12:43 PM

Message 5 of 10

Hi WasPipex, I've raised the fault ticket for you. Pipex mailboxes have to be reset by the Email Admins this means it can take 3-5 working days for them to be completed. If you haven't heard anything by Thursday post to let me know. 

Please log in to My Account if you need to view or pay your bill, manage boosts and track your usage. From My Account you can also check your connection and test your line for any issues in the Service Centre.

0 Likes

Gondola
Community Star
In response to WasPipex

‎07-10-2018 12:37 PM - edited ‎07-10-2018 02:01 PM

Message 6 of 10

Hi Mark

 

The pipex domain comes under the TalkTalk Business umbrella. The secure webmail login is https://netmail.pipex.net/index-ttb.php

 

Internet browsers do provide warnings of http connections both in the form of the red strike through grey padlock and an on screen pop-up under the login area warning "This connection is not secure".

 

The homecall domain login is part of the legacy insecure email service provided by homecall. The service is entirely insecure and unencrypted so the login being insecure rather follows that pattern.

 

Regarding the password change for pipex, there is no user ability to change the password but you've got a request in for a password change right here.

 

However, it's not a problem to change that to a suspension of the email account so nobody can use it. The account will not be deleted just yet and TalkTalk are not permitted to delete it. However, by putting the account into suspension will make it inactive.  After 180 days the system will flag it for deletion for non-use and then after a year the system will totally delete all contents.

 

So, if you've downloaded everything you need, would you like to have the account suspended?

GondolaVolunteer 2017-2022

  Like (below) to support me . . . Mark as solved (below)  Accept as Solution

0 Likes

WasPipex
Chatterbox
In response to Gondola

‎07-10-2018 11:58 AM - edited ‎07-10-2018 12:02 PM

Message 7 of 10

Thanks for the response Gondola,

 

1)  Could you advise how I would either close the account, or at least change the associated password, as I cannot find a way to do so through the webmail interfaces.

 

2)  Also, there are two seperate sites where I can read my mail, one of which is apparently unsecure

 

    https://netmail.pipex.net/index-ttb.php
       (site is titled TalkTalk Business, and yes I can login and se my mails)

 **http://webmail.homecall.co.uk/webmail?index=1
      (original default 'Pipex' page 'powered by TalkTalk')

 

I see the same emails in both sites, so it is the same account being used.

 

**IMPORTATNT  When accessing via http://webmail.homecall.co.uk/webmail?index=1 I recceive a notfication from my AntiVirus client (BitDefender) stating...

   

"...This page was blocked for your protection (http://webmail.homecall.co.uk/webmail?index=1 )

An attempt to send your password unencrypted, in plain text, was prevented on this page. View more details in the Notifications area of your Bitdefender security solution"

 

I checked and it appears I can use HTTPS for this site https://webmail.homecall.co.uk/webmail?index=1  which removes the issue of the password being sent unencrypted.

 

If that is the case then I think there should be notification sent to all ex-Pipex customers making them aware that they should switch to using https if the are using that site for access to mail.

 

Idealy, I would like to delete the account.  I'm currently making my way thorough my site list and changing the login email details to use other accounts.

Mark Nilsen
0 Likes

Gondola
Community Star

on ‎06-10-2018 11:19 AM

Message 8 of 10

Hi Mark

 

There seems to be a spate of blackmail scam emails targeting pipex email addresses.  These simply spoof the sending email address and invent the fake allegations. 

 

They may have obtained a password that they've linked to you from another site hack.  It's not your pipex password so unlikely that your pipex account has been hacked.  Stay calm, don't worry and above all don't respond in any way.

 

But if your pipex email password is weak, had been cracked or obtained from another website hacking and your email account potentially compromised as a result then of course it's vital to get it secured and a new ultra-strong password provided for you.

 

You'll need to prove you're the legal owner of the email with 5 items of personal data that only you would know.

 

Apologies if I'm repeating stuff you've already done but double check that you've added to your Community Profile, Personal Information (Click here) all of the following in the Private Notes area at the bottom of the page (To which only you and authorised TalkTalk Community Team UK staff have access):

  • Email address affected
  • Your Full Name
  • Date of Birth
  • Landline 'phone number linked to the pipex email address when first registered
  • Full postal address linked to the pipex email address when first registered
  • Include your mobile contact number and times to call - daytimes when you'll be there in person to receive the password and speak to the email team
    (for your security they won't leave a message with the password and there's no number to call them)
  • Save changes.

This topic has been escalated to the TalkTalk Community support team to verify the details recorded for the owner of the email address. The email expert will reply here to help with authorising the password change by the pipex email admins.  Expect a reply from Monday onwards.

 

Scan all your devices with anti-virus and anti-malware software solutions just to make sure passwords aren't obtained by keyloggers.

 

If you've used the same password elsewhere then do update those passwords with ultra-strong multi-case letters, numbers and allowed symbols of at least 10 characters (is my minimum recommendation).  Advice from CyberAware about passwords. Advice from GetSafeOnline about passwords.

 

If you don't know how your password for another website was obtained then try the haveibeenpwned site as that lists many known hacks and may be useful to identify where your data may still be compromised.

 

If you discover any fraud then the place to report that is ActionFraudUK.

GondolaVolunteer 2017-2022

  Like (below) to support me . . . Mark as solved (below)  Accept as Solution

WasPipex
Chatterbox

on ‎06-10-2018 11:08 AM

Message 9 of 10
FYI, I've included relevant details in my profile for identification
Mark Nilsen
0 Likes
© TalkTalk 2021