So I've been paying for entertainment pass... today I've been charged £17.99 for sports and boost.. I've not asked for this? Also had an email saying someone has used my account on a new device around the same Time. This was not me.. I've managed to change my password and log out all users, cancel the boost. My problem is the sports package isn't showing up on my account so I can't cancel it but I've a receipt for it on another email I've received. Any help would be appreciated 🙏
From your NOW online account, under My Bill's & Payments does it show payment for both the Boost and Day Sports Membership?
Under My Membership you can't cancel a Day Sports Membership where this type of Membership doesn't auto renew.
Also if you haven't done it already, add a Payment Pin to your online account.
If both the Boost and Day Sports Membership is showing under My Payments, then jump over to NOW live chat and ask for a refund.
To reach live chat click on the green chat online button from this link page below.
Two things to do.
1. Put a payment PIN on your account, so nothing can be started without your say so.
2. Check this link for other accounts using the same payment details.
Then jump onto live chat by clicking ‘chat online’ within the green box. Don’t hit ‘get help quicker’ as this is a bot.
Considering the breach, I see you have now dealt with it, or will have when you establish the Payment PIN.
In the old days, you had a fighting chance of see where the breach was from the Devices tab in your account, but this is probably no longer effective. Something Now could usefully revisit and put back how it used to be 😢
There are two principal ways that somebody else could have bought a Membership on your account:-
(i) They went in on a TV or other device of yours that has a persistent login (i.e. not a phone, tablet or laptop/PC/Mac) and simply took out the Day Sports Pass and Boost.
(ii) You disposed of such a device, without a Factory Reset to wipe it first, and somebody obtained it and used it.
In both these cases, a Payment PIN would have prevented this. And in both these cases, they did not need your password, and so will not have breached it.
But as you did not know the exact source of the breach, changing your password was a necessary precaution, because:-
A third way, much rarer, is if somebody knew your login and password, and signed on to any device anywhere that runs Now, with those details.
A Payment PIN would have prevented the purchase even here, as even having all your account details wouldn’t allow them to learn, or to change, what the PIN was.
Just changing your password does not stop users who were logged into your account on persistent devices from continuing to use them. This is why the step to log off all users, after changing your password, was necessary.
You should be pretty fireproof now, but never tell anyone your Payment PIN, unless you are prepared for them to buy Memberships on your dime, and your password likewise.