Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




1597 posts

Uber Geek
+1 received by user: 369


Topic # 159752 11-Dec-2014 17:04
Send private message

Has the ihug email system been hacked ?

https://community.vodafone.co.nz/t5/My-Vodafone-more/email-ihug/m-p/169494

This looks exactly like whats happended to one of my customers. Lots of bouncebacks , laptop is clean (or an undectable virus). no obvious sign of spam email beinmg sent from laptop.
I now have another customer, ihug/voda just informed them their a/c has been spamming.
About to check that one soon, I'll bet its also clean 


Filter this topic showing only the reply marked as answer Create new topic
928 posts

Ultimate Geek
+1 received by user: 607

Trusted

  Reply # 1195696 11-Dec-2014 17:20
Send private message

Typically due to insecure passwords.
The server isn't hacked just poor security on the end users part and spammers are using their SMTP address

3 posts

Wannabe Geek


  Reply # 1195997 12-Dec-2014 07:33
Send private message

Crap - there is no such thing as a 100% secure password!  Also how does that explain the 1000's of yahoo xtra customers that got hijacked a while back? Telecom had no hesitation in blaming Yahoo's poor security for that - not the accountholders

 
 
 
 


383 posts

Ultimate Geek
+1 received by user: 132


  Reply # 1196041 12-Dec-2014 09:02
Send private message

bizdiag: Crap - there is no such thing as a 100% secure password!  Also how does that explain the 1000's of yahoo xtra customers that got hijacked a while back? Telecom had no hesitation in blaming Yahoo's poor security for that - not the accountholders


You are trying to relate to vaguely related things as if they are the same.  The problem the OP is describing is a problem I dealt with multiple times a week working frontline support over 3 different ISP's. It in no way explains Spark's Yahoo problems. It doesn't try to because they are not related.


To OP.

The bad news about this type of problem is that the issue may not be with your customer. It may be that their email address is being spoofed elsewhere as the reply email address on spam being sent. As the bounce back emails are technically legitimate emails being sent back and under normal circumstances conveying important information to the sender naturally Vodafone's spam blocker does not stop the emails.




Please note: I have a professional bias towards Vodafone.

3422 posts

Uber Geek
+1 received by user: 411

Trusted

  Reply # 1196074 12-Dec-2014 09:43
Send private message

Goes to show how those poorer email providers don't have basic things in place to stop spoofing such as SPF.....





1710 posts

Uber Geek
+1 received by user: 169

Trusted

  Reply # 1196079 12-Dec-2014 09:48
One person supports this post
Send private message

Zeon: Goes to show how those poorer email providers don't have basic things in place to stop spoofing such as SPF.....


Poorer email providers? iHug is owned by Vodafone! laughing



1597 posts

Uber Geek
+1 received by user: 369


  Reply # 1196100 12-Dec-2014 10:09
Send private message

Andib: Typically due to insecure passwords.
The server isn't hacked just poor security on the end users part and spammers are using their SMTP address



Ive got to call BS   :-)
If an email server is so decrepid that it cant spot dictionary attacks or hundreds of consecutive failed logins.......

And yet, Voda allowed them to reset the pass to one of the more shockingly insure passwords Ive seen, despite voda knowing the spam issues
with this account.  This a/c had been temp disabled by voda for spamming (wasnt just spoofs)
Not just voda, other ISP's allow stupid email passwords .

I now have more info , so is looking more likely to be an issue with the users (same email a/c on multiple PC's and other issues I wont mention)
:-(

But anyway, just asking if any other ihug email users have had similar issues in the past few weeks.
probably all a co-incidence .

sorry if the thread got out of hand Demeter .


709 posts

Ultimate Geek
+1 received by user: 404

Trusted
Vodafone NZ

  Reply # 1196110 12-Dec-2014 10:15
4 people support this post
Send private message

Before this thread gets out of hand with misinformation:

1. Customer has a malware script on their machine which has hijacked their email client
2. Due to the large number of messages to invalid addresses, the account is disabled to prevent logins. Yes, we do actually monitor our SMTP server for these things and prevent offending accounts from running rampant.
3. This is not a Vodafone issue, merely a lack of proper security on the customer's end. The problem goes away when the customer gets their PC sorted.
4. In no way related to the Yahoo issue, at all.




3 posts

Wannabe Geek


  Reply # 1196114 12-Dec-2014 10:24
Send private message

BS indeed.  First sensible post so far. Ihug is clearly just a pain in the arse for Voda, as is obvious from these security failures and the conspicuous absence of name IHUG from any of the services promoted on their website

383 posts

Ultimate Geek
+1 received by user: 132


  Reply # 1196115 12-Dec-2014 10:25
Send private message

My bad. I missed the line where it was actively VF who identify the issue as spam being sent and simply saw that the OP saying the computers were clean. Clearly they were not.

bizdiag: BS indeed.  First sensible post so far. Ihug is clearly just a pain in the arse for Voda, as is obvious from these security failures and the conspicuous absence of name IHUG from any of the services promoted on their website

How do you go from saying the post is sensible to linking the issue to iHug? The post clearly states the customers computer was infected. iHug branding being missing isn't a conspicuous absence VF have not kept the brand of any company they have purchased, like BellSouth or TelstraClear.




Please note: I have a professional bias towards Vodafone.



1597 posts

Uber Geek
+1 received by user: 369


  Reply # 1196130 12-Dec-2014 11:02
Send private message

I have yet to see ANY evidence of virus infections on the PC's
Everyone is jumping to conclusions(incl me) and mixing up & misreading replies


81 posts

Master Geek
+1 received by user: 34


  Reply # 1196137 12-Dec-2014 11:09
One person supports this post
Send private message

bizdiag: BS indeed.  First sensible post so far. Ihug is clearly just a pain in the arse for Voda, as is obvious from these security failures and the conspicuous absence of name IHUG from any of the services promoted on their website


Issue has been explained clearly in 4 points. Not sure what else needs to be done. Rest is upto people's imagination I guess.

1710 posts

Uber Geek
+1 received by user: 169

Trusted

  Reply # 1196151 12-Dec-2014 11:37
Send private message

1101: I have yet to see ANY evidence of virus infections on the PC's
Everyone is jumping to conclusions(incl me) and mixing up & misreading replies



What have you used to look? Are you relying solely on a desktop AV product, or have you downloaded and run some of the deep scanners, something like ComboFix?


3 posts

Wannabe Geek


  Reply # 1197082 13-Dec-2014 22:03
Send private message

Imagination?  I prefer to deal in facts - real ones, not the pseudo type offered up by those with vested interests

xpd

Chief Trash Bandit
9150 posts

Uber Geek
+1 received by user: 1443

Mod Emeritus
Trusted
Lifetime subscriber

  Reply # 1197127 14-Dec-2014 07:41
Send private message

bizdiag: Imagination?  I prefer to deal in facts - real ones, not the pseudo type offered up by those with vested interests


You appear to have a real issue with Vodafone/IHUG.






XPD / Gavin / DemiseNZ

 

Server : i3-3240 @ 3.40GHz  16GB RAM  Win 10 Pro    Workstation : i5-xxxx @ x.xxGHz  16GB RAM  Win 10 pro    Console : Xbox One

 

https://www.xpd.co.nz - Games, geeks, and more.    


Filter this topic showing only the reply marked as answer Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Geekzone Live »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.