E-Mail has been successfully sent.
FAQ #4151
Artikel editieren
Artikel weiterleiten

Measures after a password misuse: tips for your protection

There are various reasons why someone could gain unauthorised access to your STRATO customer login. This could be because you use a password that is too simple, use the same password in several places or because your device is infected with malware. This means that your password can be intercepted quickly.

If third parties have unauthorised access to your account, they may be able to order new packages or domains, cancel or delete existing contracts or secretly make installations or changes that you may not immediately notice.

It is important to make sure that your password is secure and that you regularly check your devices and systems for malware to prevent unauthorised access.


If we detect unusual activity in/on your STRATO package or server, you will be notified by our ABUSE department and blocked if necessary. You will also be asked to take appropriate measures, as otherwise the platform and thus other customers may be affected. The backup and ongoing updating is part of the use of Internet services and is the responsibility and duty of the tenant of this service.


In this article, we will inform you about the necessary measures following such a case of misuse.

 
Table of contents Table of contents



Change passwords


1. An important part of your STRATO login is the e-mail address you have registered with us. Therefore, the first thing you should do is change the password for this contact e-mail address. This should be an external e-mail address (GMail, Web.de, Yahoo.de, GMX, ...) that is not stored at STRATO. This is why you will only find support on how to change the password there. There is usually a "forgotten password" function.

You usually use several passwords for the STRATO services you have booked.

→ What is the STRATO password system?
→ Our recommendations for good passwords


2. Please change all passwords at STRATO (master password, package password, DynDNS password, mailbox passwords).

→ How to change password for cutomer login
→ Webmail password change

If necessary, use the "forgotten password" function on our login pages.

Hint:

For additional security, please activate two-factor authentication for the customer login.



Remove malicious software


3. Check your computer for malicious software (viruses, Trojans, malware, spyware, etc.) using an up-to-date anti-virus programme.

→ Information of the BSI


4. Check your web space (web storage space for your websites at STRATO) for malware.

→ Access via FTP
→ What is FTP and how can I use it?

→ Last option: Deletion of all data in web space (worst case)



These related instructions will also help you with the steps shown:
→ Guide to unblocking your package


 

Check data & settings


5. Check the customer data we have on file (address, mobile phone number, etc.).


6. Check the DNS settings and redirects of your domains.

→ Can I manage my own DNS entries at STRATO?
→ All about domain forwarding


7. Remove mailboxes and subdomains that you have not created yourself.

→ Configuration possibilities in email management
→ Can I set up my own subdomains with the STRATO packages?


8. Check the booked orders and additional items for legitimacy. If there are any anomalies, proceed as described under point 9 and report any items you have not ordered yourself to our customer service.



Unauthorised debits


9. Check your bank account for unauthorised debits by Strato AG and in connection with point 8. If you have discovered third-party orders, then immediately arrange for a chargeback at your bank.

Please ensure that you inform our customer service immediately of this situation on 030 / 300 146 0 so that we can take appropriate action. Also, to avoid unnecessary reminders or debt collection, please do not return direct debits without our knowledge.


You can object to direct debits up to 8 weeks in the past by contacting your bank.

For older direct debits, contact your bank and ask for a refund of the amounts collected with the reason "invalid mandate". These refunds are possible retroactively for up to several months.


Further information:

https://www.bafin.de/SharedDocs/FAQs/EN/Verbraucher/Bank/Zahlungsverkehr/04_widerspruch_lastschriftabbuchung.html


If your bank is unable to carry out these refunds, have it confirmed in writing and with a signature on the bank's company letterhead that a refund is not possible on the grounds of an "invalid mandate" (see Section 676b (1) BGB).

The confirmation must contain the following information:

- A list of the invoices concerned, including the invoice number

- Indication of which account was debited

- Confirmation that you are the account holder


We recommend that you file a complaint with the police.

Was this article helpful?
Info: 79e5e6f0f9ba933f4208cd6521accce6d3b69a00