Compromised Email Accounts
An email service is compromised when a third party obtains your iiNet password and uses these details to send email through the iiNet servers. These are typically spam or phishing/scam emails, which in turn generate complaints about the iiNet mail servers. In many cases, the emails are being sent from somewhere outside of Australia through a service called SMTP Authentication.
What happens if my email service is compromised?
- We have monitoring in place on all the iiNet servers and we deal with spam complaints as a top priority, so when we identify a client as sending spam through our servers we need to take urgent action.
- Once a compromised email account is identified, we will disable SMTP Authentication on your account to prevent unauthorised emails from being sent through our server.
- Your ability to send email is likely to be impacted. You still will be able to receive emails, however, depending on how you send emails and how many devices you use, you may find yourself in a situation where your phone is not able to send emails, while your computer can.
- In some situations, iiNet may need to suspend your email account and/or change your password for you. If this is the case, please call us on 13 22 58 to have your account unsuspended. If your account has been suspended, you won't be able to check your email until it is unsuspended.
What do I need to do if my email service is compromised?
- Change your iiNet passwords in Toolbox by following these instructions.
- Run an antivirus and anti-malware scan on your computer and remove any infections found. If your computer is severely infected and you have difficulty using it, you may need the assistance of a computer technician to get it working again. Disconnect the infected computer from your WiFi and/or modem to avoid the virus spreading to any other devices on your home network until the issue is resolved.
- It’s possible that your account was compromised by logging into an untrusted computer which may have captured your username and password. Examples may include airport terminals, work computers, web cafes, and so on. We strongly recommend changing the passwords on your social media and any web-based email accounts you also use.
- Once your password has been changed, please call us on 13 22 58 to get the suspension/block on SMTP Authentication on your email account removed. After this has been done, you'll be able to use your email account again.
Tips for better password account security
- Regularly scan your computer for viruses and malware.
- Make sure your WiFi network has a secure WPA/WPA2-PSK password, and don’t share this password with anyone you don’t want to have access to your network.
- Never share your passwords over email, instant messengers or social media. If you need to record any password, write it down on a piece of paper and keep it somewhere safe.
- Be cautious about using an untrusted computer to enter in your iiNet login details, it is possible this is how your details were compromised in the first place.