|
FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc. |
|
Thread Tools |
6 Aug 2011, 08:47 PM | #1 |
Member
Join Date: Feb 2002
Posts: 80
|
Warning about using POP server
Yesterday I got two warnings that I had used the POP server from my Member level account and that it is not provided at my account level. They want me to upgrade my account. The only thing is, I have NOT used their POP server! I exclusively use the webmail interface and have no email programs set up on any of my computers! Furthermore, I rarely use this Member account to send any email. Everything is forwarded to my "Full" level account and I send any email from there. The last time I used the Member account to send an email was in January.
I tried sending an email to support to ask what was going on and I got an email in return to continue the process. However, it states that they CAN NOT provide technical support to Member-level accounts, so that is a dead end. So, here I am to ask if anyone here knows what's going on and what I shoud do next. I have already changed my password (just in case my account had gotten hacked somehow) and I noticed an entry to disable POP logins under Account Preferences->Access and have checked that. Any other suggestions from all you email gurus out there? Thanks! |
6 Aug 2011, 09:35 PM | #2 |
Member
Join Date: Feb 2002
Posts: 80
|
More information
With further searching, I have discovered that someone in China is trying to access my account. I found this by going to Options and then Login Log and tracing the DNS of the IP shown there. There were 4 attempts made yesterday. What's not shown in the log is if they were denied because they were attempting to login using a POP server or if they failed because of the wrong password.
I'm hoping this is just a brute force attack and not my computer being infected with a keylogger or some other form of malware/spyware. As soon as I saw the login attempts, I shut down that computer and am going to disconnect it from the web and do a full system scan. I don't see how a keylogger would work in this situation because I very seldom login to that account, so there wouldn't be any keys to log. Any other suggestions to prevent this from happening again? |
6 Aug 2011, 09:43 PM | #3 |
The "e" in e-mail
Join Date: Feb 2006
Location: EU
Posts: 4,945
|
|
6 Aug 2011, 09:58 PM | #4 |
Essential Contributor
Join Date: Jun 2009
Posts: 340
|
There is nothing to indicate that someone got hold of your password, right (as all 4 attempts Failed)?
I don't think there is much you can do to prevent this, as anyone can try to login with your account name. Disabling POP login (which is unsupported anyway, if I understand correctly) and changing your password is sensible, though. |
6 Aug 2011, 10:04 PM | #5 |
Member
Join Date: Feb 2002
Posts: 80
|
Contradiction
I guess you could say that. As I said, upon further searching, I did discover that someone in CHINA was trying to access my account via POP, so the email I received was correct. It just wasn't me that was trying to do the accessing! Thank goodness the Chinese attempts failed! I have disabled POP and IMAP logins on my accounts now since I only use the web interface. Hopefully, this will prevent such hacking attempts from succeeding in the future.
|
6 Aug 2011, 10:07 PM | #6 | |
Member
Join Date: Feb 2002
Posts: 80
|
Quote:
|
|
6 Aug 2011, 10:11 PM | #7 |
The "e" in e-mail
Join Date: Feb 2006
Location: EU
Posts: 4,945
|
May be this was a hacking attempt, or may be this was simply a genuine mistake: somebody mistyping the userid, you'll probably never know.
Changing the password and disabling POP & IMAP (if you don't use them) is a good idea in either case. |
6 Aug 2011, 11:20 PM | #8 |
Ultimate Contributor
Join Date: Dec 2001
Location: Canada.
Posts: 10,355
|
It's pretty sad (IMO) that Fastmail staff will not help a paid 'Member level' account holder (who also owns a paid 'Full' level account) when someone is trying to hack into any of their accounts.
|
7 Aug 2011, 11:29 AM | #9 |
Intergalactic Postmaster
Join Date: May 2004
Location: Irving, Texas
Posts: 8,929
|
I recommend that you check that your Fastmail master password is reasonably secure (long and using mixed letters/numbers/symbols). Changing your password won't help unless it is nearly impossible to guess because it is long and pseudorandom. And be sure that you don't use the same password for Fastmail as you use on another site. If someone has obtained a password and your Member email address which you used at some other site (even years ago), they might be trying that same user and password credentials to log into your Fastmail account. If they tried POP, they might also try IMAP or a website login. So it's good that you disabled IMAP access if you never use an email client.
Also remember that you can choose to create Alternative Logins which provide limited access, so that you can log in from public computers without revealing your master password to keyloggers or people looking over your shoulder. This means that after logging in with an Alternative Login which was created with Full Access disabled, the Options screen features are unavailable, and although you can delete messages in a normal fashion from most folders, you can't delete any messages from your Trash folder. So someone who gets access with a restricted password:
If the attacks continue in some manner which is bothersome, I'm sure that a Fastmail staff member would look into it if you posted here. You could also PM on this forum yassarali (a Fastmail support person who frequents this forum looking for unresolved significant issues). Bill Last edited by n5bb : 7 Aug 2011 at 11:44 AM. |
10 Aug 2011, 10:53 PM | #10 | |
Cornerstone of the Community
Join Date: Mar 2003
Location: Baltimore, MD (USA)
Posts: 835
|
Quote:
FWIW, I've been an Enhanced/Family member for most of my time with FM, but I can definitely see where Member account holders are feeling short-changed of late. |
|
11 Aug 2011, 03:44 AM | #11 | |
Cornerstone of the Community
Join Date: Jun 2004
Posts: 743
|
Quote:
My impression is that it's not so much that FastMail won't provide any support for member-level accounts. They just won't hold your hand when, for example, you're trying to set up Thunderbird to access your account. |
|
11 Aug 2011, 08:05 AM | #12 |
Ultimate Contributor
Join Date: Dec 2001
Location: Canada.
Posts: 10,355
|
Judging from the severity of the issue I considered otherwise.
|