MWEB Email Migration – Critical Issues!

VIP007

Member
Joined
Jul 6, 2010
Messages
23
Reaction score
2
Since MWEB migrated their email system, I’ve been facing serious problems. My password was reset with my consent, and ever since, I have been completely locked out of my account.

I’ve tried contacting the call centre multiple times, only to be kept on hold for over 2 hours, and then the calls were dropped — not once, but several times. This is unacceptable.

I urgently need assistance from MWEB support. My work depends on access to my email, and right now my job is at risk because of this ongoing issue.

MWEB, please step up and resolve this immediately.
 
Since MWEB migrated their email system, I’ve been facing serious problems. My password was reset with my consent, and ever since, I have been completely locked out of my account.

I’ve tried contacting the call centre multiple times, only to be kept on hold for over 2 hours, and then the calls were dropped — not once, but several times. This is unacceptable.

I urgently need assistance from MWEB support. My work depends on access to my email, and right now my job is at risk because of this ongoing issue.

MWEB, please step up and resolve this immediately.
Mweb are not here... Maybe try their social media accounts i have had success getting through to someone going via that route for other braindead companies. Once resolved look at migrating to a proper decent mail host
 
Having issues with my parents email after their migration too, emails are missing which their antispamcloud shows was delivered. See there's a few similar issues on social media.

Their support is rubbish, they're only with them because because this email is old and dates back to the worldonline days which was taken over by Mweb.

Once resolved look at migrating to a proper decent mail host

Any suggestions?
 
Any one know the new smtp server ? ( no authentication) for them , speed test pick isp up as ntt data
 
This migration has been nothing but a critical failure. I have lost all mail before 2026, and mweb is useless at trying to fix this. They tell me to go to a backup portal. Yet I cannot login to that. Honestly can't wait to get rid of them. I highly suggest everyone migrates away from mweb. After being a customer for 20 years, this is the last straw.
 
My father-in-law's mweb account was compromised this week and he fell victim to a quite targeted phishing scam. When I jumped in to figure out what was going on, I was quite surprised to find that logging into the mweb webmail portal requires no two factor authentication. It doesn't seem very secure (but keep in mind I'm not an IT guy at all). I'm not clued up to this migration that I see is mentioned though, so not sure if my FIL has been migrated or what the story is.

I tried to phone mweb earlier this week but after holding on twice for an hour each time, I gave up. Their online chat function also kept malfunctioning so wasn't able to engage their support on there either.

I colleague of mine also fell victim to a scam like this last year and he also had an mweb account that was compromised. Coincidence?

I'm starting to think that mweb is specifically being targeted due to their poor security on their mailserver.

Blows my mind that this is a paid for product that is so bad and supported so poorly.
 
Wait until you see how their smtp server was/is secured, a while back you could send an email pretending to be anyone.
 
Wait until you see how their smtp server was/is secured, a while back you could send an email pretending to be anyone.
Spoofing a from address doesn’t mean the SMTP server was insecure. SMTP was never built to verify sender identity.

Real security comes from SPF, DKIM, and DMARC, which are published in DNS.
Was their mail server an open relay? If not, its just how email works.
 
My father-in-law's mweb account was compromised this week and he fell victim to a quite targeted phishing scam. When I jumped in to figure out what was going on, I was quite surprised to find that logging into the mweb webmail portal requires no two factor authentication. It doesn't seem very secure (but keep in mind I'm not an IT guy at all). I'm not clued up to this migration that I see is mentioned though, so not sure if my FIL has been migrated or what the story is.

I tried to phone mweb earlier this week but after holding on twice for an hour each time, I gave up. Their online chat function also kept malfunctioning so wasn't able to engage their support on there either.

I colleague of mine also fell victim to a scam like this last year and he also had an mweb account that was compromised. Coincidence?

I'm starting to think that mweb is specifically being targeted due to their poor security on their mailserver.

Blows my mind that this is a paid for product that is so bad and supported so poorly.
I can confirm of another case i helped investigate was due to exact same reason.

Person had email setup years ago in mail client and was unaware bad actor had been logging into MWeb webmail for months gathering information.
Once they had enough info they emailed payment account changes / mobile number changes / redemption
s/ etc + answered emails to requests which were then deleted from sent items so user was blissfully unaware.

No MFA was also concluded as the reason the mail account was compromised.
 
I can confirm of another case i helped investigate was due to exact same reason.

Person had email setup years ago in mail client and was unaware bad actor had been logging into MWeb webmail for months gathering information.
Once they had enough info they emailed payment account changes / mobile number changes / redemption
s/ etc + answered emails to requests which were then deleted from sent items so user was blissfully unaware.

No MFA was also concluded as the reason the mail account was compromised.
Yip, sounds almost like a carbon copy of what happened to my FIL. They intercepted the correspondence that came in from his accountant, deleted it, then sent it to him again (modified) coming from a domain they registered where they switched two letters around. The domain was registered through a service provider in Lithuania (on the same day that the accountant sent him the initial pdf letters that were intercepted). And the modified documentation was done really well, it's not like those fake SARS letters that you can clearly see are modified with different fonts etc. And the email came through in Afrikaans using similar language like the accountant would use.

Oh, they also created two contacts in his mweb webmail client to ensure the incoming emails don't appear like new email addresses or spam, but like known contacts.
 
  • Angry
Reactions: OCP
I can confirm of another case i helped investigate was due to exact same reason.

Person had email setup years ago in mail client and was unaware bad actor had been logging into MWeb webmail for months gathering information.
Once they had enough info they emailed payment account changes / mobile number changes / redemption
s/ etc + answered emails to requests which were then deleted from sent items so user was blissfully unaware.

No MFA was also concluded as the reason the mail account was compromised.

This doesn’t point to a hosting provider issue, it’s classic credential compromise. Most cases like this come down to a weak/reused password, phishing, or leaked credentials combined with no MFA.

If someone can log in with valid credentials, the mail host isn’t the problem, the user is.
 
This doesn’t point to a hosting provider issue, it’s classic credential compromise. Most cases like this come down to a weak/reused password, phishing, or leaked credentials combined with no MFA.

If someone can log in with valid credentials, the mail host isn’t the problem, the user is.
While I agree that the user should have had MFA - the fact that there is no option for MFA with MWEB mail hosting.

Add to the fact that there are numerous reported incidents of accounts having been accessed by 3rd parties (even accounts with long complex passwords) it does point to either a vulnerability being exploited or internal compromise.

Either way - don't use MWEB ;-)
 
Yeah I suspect that the level of fraud on Mweb email accounts is astronomical—there's a story here that we will never know the extent of.

It won't be easy to move a 70 year old away from his legacy email address, but I guess that's the right thing to do.
 
  • Like
Reactions: OCP
What on earth is going on with MWeb spam filtering (or lack of it) today? Dozens of fake Mweb (spelled like that) messages getting through.
 
What on earth is going on with MWeb spam filtering (or lack of it) today? Dozens of fake Mweb (spelled like that) messages getting through.
It's bonkers. I don't use Mweb but my mother does, and it's a good 20 - 30 spam messages per day.
 
On the subject of scam emails via Mweb, I've had around 600 since Friday. They nearly all originate in Germany with a .de suffix. I tried sending them all back to the sender and each one bounced straight back 🤬
1773246178945.png
1773246514082.png
1773246178945.png1773246514082.png
 
Top
Sign up to the MyBroadband newsletter
X