Read the forum guidelines
We have received (so far) 2 emails from Cox claiming that "We've detected suspicious activity on your Cox.net email account firstname.lastname@example.org [and email@example.com] and believe this email address password may be compromised or your computer may be infected with Malware. If you do not recognize this email account, it may have been created without your knowledge." We regularly scan our Mac with MalwareBytes, and other utilities, seeing NO malware here. The email goes on to say that we should change our password(s). Is anyone else getting these things? Is there any way to get through the bureaucracy to find just what "suspicious" activity they are seeing?
Or is it just one of those annoyances ...
Um... Wow. Call yourself out. And VPNs are cheap .
What "suspicious activity" is what I want to know. It's my account. Tell me what some malefactors are doing to it. Secondly, this is the email address of the account holder. Why doesn't Cox recognize it? It's how they've reached me for 20 years.
If there are no malefactors, then Cox is in the "fake news" business. That's not company you want to keep.
Yeah, I'd like to know, too. Apparently, a large number of Cox e-mail customers have gotten this message from Cox. My first thought was this was a phishing attempt, but the note had the last 4 digits of my account number. I called Cox support, and as I was waiting for a CSR, there was an automated message stating that call volumes were very high, and that a number of accounts were showing suspicious activity, and an e-mail had been sent to the account holders as a warning with a requirement to change the password or be locked out after 24 hours.
So, it appears there has been a true, and significant attack on Cox e-mail customers. But, Cox, we'd all like to know more details. How long has this breach been going on, and when did Cox first detect it? I think Cox needs to make an official announcement stating what happened, what customer information was compromised or stolen, and what Cox is doing to prevent future incidents like this.
In light of the massive data breaches this year, I'm expecting Congress to get involved, and perhaps start holding corporate executives accountable for any negligence on the part of their companies.
There is a post on DSLReports too, so this must be a "thing". Poor taste to do it through email IMO, since that is the medium compromised. Why not a message through MyAccount? They can sure use it to advertise new products (Gigablast) so why not use it for important things like this.
I got it too. I agree with the forum user who said "Poor taste to notify us thru email since it was email that was compromised" (thanks WiderMouthOpen). I read over the original notification several times before going to MyProfile. Will someone ever tell us what actually happened?