Stop Using Bigpond Email

Security Warning: Hacked Bigpond accounts

It is widely recognized that cyber attacks cost Australian businesses billions of dollars each year. However, it’s crucial to understand that every individual is also a target for opportunistic hackers.

Recently, there has been a significant increase in the compromise of Bigpond email accounts by cybercriminals. If you or someone you know has a bigpond.com email address, it is high time to consider migrating to a more secure and modern alternative.

We have witnessed a notable surge in cyber threats targeting various email services, with older technology platforms like Bigpond being particularly vulnerable. A compromised mailbox can be exploited to propagate scams, distribute malware, and, in some cases, steal the account owner’s identity.

Many Bigpond users are unaware that their accounts have been hacked because hackers remain discreet, monitoring incoming and outgoing emails until they find exploitable information. In several instances, unsuspecting Bigpond users had their tax returns fraudulently filed by hackers, with the refund being redirected to the hacker’s account.

Moreover, many individuals have reported unauthorised tampering with their emails. They often receive legitimate invoices, but the hacker alters the account information so that payments inadvertently go to the hacker.

The root of the problem appears to be the outdated email platform itself. Bigpond, introduced by Telstra in 1996, seems to be struggling to keep up with the evolving landscape of cybersecurity. While Microsoft and Google lead the industry with increasingly stringent security features, Telstra’s Bigpond has changed little since the early days of the World Wide Web.

Additionally, there are concerns about Bigpond’s customer support, which reportedly lacks effective assistance for users who fall victim to hacking incidents. The primary advice given is to change passwords, with limited capabilities to assess the extent of compromise on user accounts.

Bigpond is lacking essential security features commonly found in modern email platforms. For example, it does not offer the ability to track the geographic location of login attempts, leaving it vulnerable to cyberattacks from foreign sources. Furthermore, Bigpond relies on a legacy authentication system, making it susceptible to brute force attacks, even with 2FA (second factor authentication) enabled.

While every email platform faces spam, Bigpond’s spam filtering is often inconsistent, allowing harmful content to pass while frequently blocking legitimate emails.

Fortunately, there are alternative free email services available that offer enhanced security features, such as Microsoft’s Outlook.com and Google’s Gmail. These alternatives provide robust security measures, including modern authentication methods, 2FA, access logging, and AI-driven threat analysis.

We understand that many Bigpond users are reluctant to switch to a new email platform because all of their contacts have their current email address, and they do not want to risk missing any important messages. However, it is possible to seamlessly redirect your Bigpond emails to your new email account by following these steps:

1. Sign in to My Telstra using your Telstra ID and password.
2. Navigate to “Settings” (the cog icon).
3. Select “Mail.”
4. Choose “Auto-forward.”
5. Activate Auto-forward and enter your new email address in the “Destination” field.
6. Be sure to deselect “Keep a copy in your inbox.”
7. Click on the “Save” symbol.

After setting up redirection, we strongly recommend updating your Bigpond password to a long, unique string of random characters for enhanced security.

It’s important to note that Bigpond is not the only email service with security vulnerabilities. Even after transitioning to a more secure email service, it is essential to remain vigilant to protect yourself online. Here are a few helpful tips:

• Use 2FA whenever available.
• Avoid reusing passwords; each account should have a unique password.
• Utilise a password manager and regularly update your passwords.
• Always double-check the sender before taking any action requested in an email (it might not be from whom you think it is).

An eye-opening activity you can do right now is to check if your email address or phone number has already been compromised by hackers. The website https://haveibeenpwned.com is a trustworthy database of hacked web platforms where you can search for your information.

Remember, everyone is a potential target for hackers. Take proactive steps today to protect yourself.