Reply
New Visitor
jennreap
Posts: 1
Registered: ‎04-06-2011

Comcast e-mail hijacked / Spam sent from my account that I didn't send

[ Edited ]

Okay, so this same thing has happened to me...people are REALLY getting mad at me. I will change my password and delete my contact list.

 

I saw the questions from the help desk so, here are my answers.... I would really just like to find out how this happened.

 

1. Yes, there were copies in my sent folder.

 

2.Not sure what you're asking??

 

3. Yes

 

4.  No

 

5. Yes

 

6.  Yes

 

***Not sure if this is connected, but 90% of the time when I get the undeliverable message (because a few of my contacts recently passed away, and I didn't remove them yet.)I also get an email from Snapfish stating that I need to resend my photos and video to them because it was lost.  But when I went to Snapfish, my account has all of my photos and video.

 

Let me know what else I can do...IT'S A REAL BUMMER WHEN YOUR FATHER GETS A SEXUAL ENHANCEMENT EMAIL FROM HIS DAUGHTER. 

Email Expert
CCCarole
Posts: 28,884
Registered: ‎05-21-2006

Re: comcast e-mail hijacked

jennreap,

 

You answered Yes to some of the questions concerning using the SAME Username and password on multiple different sites.

 

1. Yes, there were copies in my sent folder.

 

2.Not sure what you're asking??

If you use an email client, such as Windows mail, Outlook,etc. Does the Sent folder inthe client also show emailmessages sent that you did not send?

 

3. Yes (Do you use a social media program (Facebook, Twitter, etc))

 

4.  No (If yes to the above,, was the contact list populated from their contact list.)

 

5. Yes (Do you use the same username for each account (Smartzone, Email Program, Facebook, etc)

Are you saying here that you are using the same Username for Smartzone, an email program, AND also use the same Username for Facebook?

 

6.  Yes (Do you use the same password for any of the above)

You should never use the same password for more than one Username. I strongly recommend that you change the passwords for each one to a completely different password for each.  JR provided a link in his post that will help you create strong passwords.

 



Need Email Help? Please post the following information in your post.
Do you use XfinityConnect? The Full or Lite version?
Do you use an email client? Which one? (Eg; Windows Live mail, Outlook, a smartphone etc.)
Which browser/version do you use? And- have you cleared your browser cache?
Which operating system? XP, Vista, Windows 7, Mac OS X
Details of the problem you are having.




Bronze Problem Solver
RobW_AA
Posts: 329
Registered: ‎10-08-2008

Comcast e-mail hijacked / Spam sent from my account that I didn't send

Hi jennreap,

 

Do you use an email program like Outlook Express, or do you use our webmail at www.comcast.net in the email link? 

 

Please confirm you have changed your password.  That needs to be the first step.  Then ensure your computers are secure and up to date with antivirus software and operating system updates.

 

How a spammer got your password and used it to login and send email could be a number of ways, such as:

 

A key logger virus/trojan on your computer that records your keystrokes and will email the file without your knowing. 

 

Phishing emails are the primary ways spammers get a hold of passwords.  For example you mentioned Snapfish.  If you received an email that appeared to be from snapfish, or facebook, or any site you use your email address as the login could be the culprit.  There are phishing sites out there that are extremely difficult to notice a difference between a fake site and real one.

 

It is also possible to get information if you are using a wireless router and it is unsecured.

 

These are just a few ways it can happen.   Per the posts about passwords, they are right that strong passwords are crucial.  It is also important to try not to share passwords from one site to another.

 

If you can provide me with the times and dates the spam was sent, it could help my investigation. 

 

Thank you and sorry for any troubles, receiving an email from a family member that is spam is understandably a bummer.  With the steps above, it should prevent this from occurring again.

 

Rob W

Comcast

New Visitor
dcaviar
Posts: 2
Registered: ‎04-27-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

RobW_AA,

 

Same thing happened to me last night.  Any progress on your investigation?

Web Page Expert
BethKatz
Posts: 6,198
Registered: ‎11-14-2006

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

dcavier, did you change your password and scan your computer for malware?

New Visitor
dcaviar
Posts: 2
Registered: ‎04-27-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

Yes - right away this AM!  (Also, as a preventative measure, I deleted all contacts from my address book.)  FYI, the emails in question show up in my Sent folder as having been sent between 2 AM and 3 AM CDT.

Web Page Expert
BethKatz
Posts: 6,198
Registered: ‎11-14-2006

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

I alerted admins here.

Contributor
amywatkins
Posts: 7
Registered: ‎04-29-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

This exact same thing happened to me. I had no sent messages on my local email client, but ran scans, did clean-up of errant registry entries, etc. I thought all was good. And then, it happened again today...all passwords have now been changed, and the address book on webmail/Smartzone deleted. But yes, I'm equally disturbed that this is how it occurred...

Visitor
Posts: 3
Registered: ‎02-17-2007

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

The same thing has happened to me now.  I called comcast to report it; but, the representative didn't seem too concerned with it.  She took my information & gave me a reference # as if it was a common occurrence.  But, at least I did report it.  I also had the spam messages sent from my email through the webmail/smartzone.  But, they weren't listed on my computer, nor in my email client.  So, it doesn't appear to have come from my computer.  126 messages were sent out from my email to my contacts within the smartzone area.  That's the only place that it showed up.  I changed my password, deleted everyone in my address book & deleted all of the messages that were sent out.  I have checked my computer & I don't appear to have any viruses/malware on it at this time.  I do use facebook & twitter; but, my usernames/passwords are not the same & my contact lists are different.  I have not connected/populated the social networks with my contact list for my email.  So, the only common variable is the comcast smartzone & that tells me someone breached my comcast email in some manner. 

 

Is there anything else I need to do to protect my email account?  I'm currently searching for a job.  So, I can't delete this email & open a new one.  This email is listed on all my resumes.  So, I just want to ensure my current comcast account is safe & secure. 

 

Thanks!

Administrator
ComcastLarry
Posts: 2,070
Registered: ‎05-04-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

Hello,

 

Sorry for the late response and I will be looking into this issue. Did changing the password help anyone with this issue?

Thank You

-ComcastLarry-
New Visitor
jimmy74747
Posts: 1
Registered: ‎05-26-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

Let me add my name to the list of those who got hacked.  It happened between 5:30 and 7:30 tonight.  I did change my password and deleted my contact list.

 

I know this is a first step and I will monitor to see if this happens again, but I do want to know why this has happened

New Visitor
SMCollins
Posts: 11
Registered: ‎05-25-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

this is why AJAX and FLASH are so unsecure. Its easy to keylog from the api even when things don't appear to be hostile. 

 

hitmanpro3.5 will clean up any browser malware for you, ditch nortons and download malwarebytes. 

New Visitor
hillarymeister
Posts: 2
Registered: ‎05-30-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

I had the same issue happen to me. I came here and read through everyone's messages. I learned that my online mail at SmartZone had been hacked into. It had been sending out spam messages to two people in my address list (the only two in my address list). I deleted them from the address book, changed my password AND created a new email address for me to use. Hopefully, that will solve the problem. Thanks for all the info here!

Contributor
amywatkins
Posts: 7
Registered: ‎04-29-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

Yes, changing the password resolved the issue. But I'd like to know why the web email was so unsecure to begin with.

Email Expert
JR071702
Posts: 6,888
Registered: ‎03-10-2004

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send


amywatkins wrote:

Yes, changing the password resolved the issue. But I'd like to know why the web email was so unsecure to begin with.


Check out the Comcast response earlier in this thread - http://forums.comcast.com/t5/E-Mail-Help-Forum/Comcast-e-mail-hijacked-Spam-sent-from-my-account-tha...

 

JR

Contributor
amywatkins
Posts: 7
Registered: ‎04-29-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

JR, I did all of this. I checked my local machine, scanned, and none of the email was sent from my machine itself. All of it was sent only from the online SmartZone portion, every last one of them. I hadn't used the online/Smartzone in almost a year (since I was laid off and accessing my email during the day online instead of from my home PC or Blackberry). All of the spam emails were in the sent folder of Smartzone. The feedback was also provided via Smartzone feedback.

Email Expert
JR071702
Posts: 6,888
Registered: ‎03-10-2004

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

[ Edited ]

amywatkins wrote:

JR, I did all of this. I checked my local machine, scanned, and none of the email was sent from my machine itself. All of it was sent only from the online SmartZone portion, every last one of them. I hadn't used the online/Smartzone in almost a year (since I was laid off and accessing my email during the day online instead of from my home PC or Blackberry). All of the spam emails were in the sent folder of Smartzone. The feedback was also provided via Smartzone feedback.


Once your password had been compromised, it is much easier for that person to use the password to get into SmartZone (which can be done from any computer connected to the Internet0 - vs having to access your computer.

 

In other words, your computer can be clean, but your Comcast userid can still be sending out spam via the web-based interface due to a compromised password.

 

Using strong passwords - and changing them regularly - is the best solution.

Here is a link to a Microsoft article called Strong passwords: How to create and use them which is good reading on the subject.

 

It's also advisable to not use the same password (strong or not) for multiple locations.    That way, you can limit your exposure should it be compromised.
JR

Contributor
amywatkins
Posts: 7
Registered: ‎04-29-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

Not to sound arrogant, but I'm well aware of all of this having worked in software qa for 15 years. It seems to me this was an internal issue with password security within Comcast itself...

Visitor
Posts: 3
Registered: ‎02-17-2007

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

Changing my password & deleting my contacts from the smartzone seems to have worked.  However, my biggest concern was with the lack of concern by the Comcast representative that I spoke to regarding this breach.  She acted like this was an every day common occurrence.  If that's the case, then Comcast needs to do more for their smartzone security.  I get the feeling that other than noting it in the system, Comcast was not concerned with the fact that my email was breached/hijacked.  So, I have to wonder how many more people this happens to; but, don't think to look for a forum to discuss/document their concern. 

 

Also, it would be nice if Comcast would upgrade what's allowed for passwords.  Right now, they don't allow us to use spaces, nor longer passwords.  I wanted to use an usual phrase that would only mean something to me for my new password.  But, the system wouldn't allow me to include the spaces & it said my password was too long.  To ensure proper email security, you really should allow for a longer password (currently only 8-16 characters).  It would definitely help to decrease how often these breaches happen.  Just something for Comcast to consider for their upgrades in the future. 

 

Thanks!

Contributor
amywatkins
Posts: 7
Registered: ‎04-29-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

I share your sentiments Trd.

Web Page Expert
BethKatz
Posts: 6,198
Registered: ‎11-14-2006

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

If you are using the same password on multiple sites, Comcast's server did not need to be compromised for your account to be compromised.

 

I hear you on wanting longer passwords with more character options.

Contributor
amywatkins
Posts: 7
Registered: ‎04-29-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

This is true...but it also doesn't mean their servers weren't compromised.

Visitor
Posts: 3
Registered: ‎02-17-2007

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

I don't use the same passwords on multiple sites.  I actually change them based on what's allowed for the passwords on each site & I don't connect my social networking accounts with my contacts for my email.  So, I do as much as I can to avoid these problems.  That's why I was surprised when this happened.  The sad part is that even Facebook allows longer & more complicated passwords than Comcast does.  That tells me that Comcast is way behind on upgrading their security information. 

New Visitor
bakanomiko
Posts: 2
Registered: ‎05-30-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

The very same thing happened to me. I got a returned email on something I never sent. Then another friend let me know she has been receiving weird emails from me as well. Nothing is being sent from my computer at all. It's not my machine that was compromised. I went ahead and changed my password, despite it being strong to start with. ( I do tech support for a living, so I know about needing strong passwords, security, etc. )

I then checked my SmartZone account after finding this topic and sure enough, there are the sent emails. They are in my Sent folder on the webmail. I can forward them to whoever at Comcast is researching this so they can have the header information.

Web Page Expert
BethKatz
Posts: 6,198
Registered: ‎11-14-2006

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

I'm bringing this thread to the attention of the Comcast forum administrators. Although they insist the Comcast servers were not compromised, the symptoms point in that direction. Someone needs to investigate further.

New Visitor
Posts: 1
Registered: ‎01-03-2010

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

I too had my account hijacked and emails sent out by spammers.  I do use social media but it is not connected to this email address at all.  Additionally, I have virus protection on my computer and only log on using a secure router.  I would love to hear Comcast's explanation for all this. 

Email Expert
CCCarole
Posts: 28,884
Registered: ‎05-21-2006

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

Anyone that is having this issue needs to immediately change their password.


Also, do not use the same password on multiple sites.  A strong password consists of upper & lower case letters, mnumbers, and a character or two.  IF you also use an email client in addition to Smartzone, make sure that you change the password there as well to match your neew password.

 

 



Need Email Help? Please post the following information in your post.
Do you use XfinityConnect? The Full or Lite version?
Do you use an email client? Which one? (Eg; Windows Live mail, Outlook, a smartphone etc.)
Which browser/version do you use? And- have you cleared your browser cache?
Which operating system? XP, Vista, Windows 7, Mac OS X
Details of the problem you are having.




Web Page Expert
BethKatz
Posts: 6,198
Registered: ‎11-14-2006

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

[ Edited ]

I see that many of you are seeing some of the sent messages are stored in your Sent folder in SmartZone. Please check that the deletion settings for that folder are set to Never so that the evidence is retained. In that case, someone sent the messages from your account and needed your password to do so. That's why you changed your password

 

However, if you are not seeing the sent messages in your Sent folder, it is entirely possible that someone is just using your email address as the return address on whatever they are sending out. It is incredibly easy to pretend to be (spoof) whatever email address you wish to use. It's hard to hide that you've done so, but many of us have been doing that, for our own accounts legitimately, for years.

 

The ease of spoofing is one reason why it's good to not spread your email address all over the place. It's why we encourage you to send messages to groups of people using blind-carbon-copy (bcc). It's why you shouldn't post your email address in public forums.

 

But just because your friends get email "from you" that really isn't from you does not mean that someone has your password or that your computer is infected. It might be, but it isn't essential.

 

And to echo Carole's note: In any case, it's a good idea to change your password.

Email Expert
CCCarole
Posts: 28,884
Registered: ‎05-21-2006

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

Adding some information about Spoofed Email Addresses

 

Spoofed E-mail Address

Your email address has been spoofed- means someone else is using it in the From field so it appears to be from you.  An easy way to think of spoofing: I write a letter, put in an envelope, address it, stick a stamp on it, put it in the mailbox. Only instead of using my name and address for the return address, I use George Bush's and the address of the White House. 

You just happened to also receive a copy of the mail.

There really isn't anything you can do except wait it out.

Norton or other security programs won't stop it.  They'll soon move on to someone elses.

 

One more thing to point out:  Are you getting bounce messages for mail you never sent? If so, this is the reason. Since your address is being spoofed, the spam is being sent out in mass, and some of it goes to addresses that no longer exist. As a result, the bounce comes back to you.

 

Credit to Mady for this explanation.





Need Email Help? Please post the following information in your post.
Do you use XfinityConnect? The Full or Lite version?
Do you use an email client? Which one? (Eg; Windows Live mail, Outlook, a smartphone etc.)
Which browser/version do you use? And- have you cleared your browser cache?
Which operating system? XP, Vista, Windows 7, Mac OS X
Details of the problem you are having.




New Visitor
fancenlp
Posts: 1
Registered: ‎10-10-2008

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

Add me as one more to the list today as getting hijacked/Spam this morning from my account.  Of course, it was from my secondary account that I use professionally as I am trying to get employed. Way to go Comcast!   Before I called Comcast or read this Forum I had already changed my passwords and deleted my address book. 

 

When I called Comcast, the Rep. wasn't really sure what to make of this - I had to lead him through the issue & process that the emails were sent through SmartZone and not by my home computer & laptop and that I am on a secured network.  He also said that I should call the people that were sent emails and tell them not to open them because it would probably keep happening on an endless loop - it was their problem. 

 

I suggested that more needed to be done to resolve this problem and I also wanted to know how this could have happened in the first place.  Customer Service ended up writing up their proverbial "ticket" for me to have my account looked at - I told them I don't care what they do - blow up my email Sent account if they have to but get rid of this virus.

 

I do feel better that it is not just me though.:smileyblush:

Email Expert
madylarian
Posts: 8,394
Registered: ‎06-30-2003

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send


bakanomiko wrote:

The very same thing happened to me. I got a returned email on something I never sent. Then another friend let me know she has been receiving weird emails from me as well. Nothing is being sent from my computer at all. It's not my machine that was compromised. I went ahead and changed my password, despite it being strong to start with. ( I do tech support for a living, so I know about needing strong passwords, security, etc. )

I then checked my SmartZone account after finding this topic and sure enough, there are the sent emails. They are in my Sent folder on the webmail. I can forward them to whoever at Comcast is researching this so they can have the header information.


It would be interesting to see the headers for one of them.  Would you be willing to post them with the addresses removed?

 

mady

Honi soit qui mal y pense
New Visitor
bakanomiko
Posts: 2
Registered: ‎05-30-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

[ Edited ]

No worries. I also ran WHOIS and TRACERT on the originating IP addresses, and they're from Amsterdam, Taiwan and Madrid. Go figure.

 

Here's a sample:

 

Date: Sun, 22 May 2011 10:23:29 +0000 (UTC)
From: xxx@comcast.net
To: ((Removed for privacy))
Message-ID: <1396872741.1795561.1306059809381.JavaMail.root@sz0148a.westchester.pa.mail.comcast.net>
Subject: Re:2
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Originating-IP: [190.88.76.159]
X-Mailer: Zimbra 6.0.5_GA_2431.RHEL5_64 (zclient/6.0.5_GA_2431.RHEL5_64)

It=EF=BF=BDs reliable. It helps me!... http://soukharev.ru/friends_links.ph=
p?gCID=3D32az3

 

-=-=-=-=-=-=-

 

ate: Sun, 22 May 2011 10:23:53 +0000 (UTC)
From: xxx@comcast.net
To: ((Removed for privacy))
Message-ID: <1504278948.1795571.1306059833257.JavaMail.root@sz0148a.westchester.pa.mail.comcast.net>
Subject:
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-Originating-IP: [88.8.3.22]
X-Mailer: Zimbra 6.0.5_GA_2431.RHEL5_64 (zclient/6.0.5_GA_2431.RHEL5_64)

Change your life right now!... http://mikeyjetadore.free.fr/friends_links.php?xohot=37jp6


New Visitor
hillarymeister
Posts: 2
Registered: ‎05-30-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

Here's the results of checking the originating IP address from the header of one of the spam messages that was sent from my account. It is in Amsterdam:

 

You Searched for: 83.6.45.101 83.6.45.101 Record Type: IP Address  

#
# Query terms are ambiguous.  The query is assumed to be:
#     "n 83.6.45.101"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=83.6.45.101?showDetails=true&showARIN=false
#

NetRange:       83.0.0.0 - 83.255.255.255
CIDR:           83.0.0.0/8
OriginAS:       
NetName:        83-RIPE
NetHandle:      NET-83-0-0-0-1
Parent:         
NetType:        Allocated to RIPE NCC
Comment:        These addresses have been further assigned to users in 
Comment:        the RIPE NCC region. Contact information can be found in
Comment:        the RIPE database at http://www.ripe.net/whois
RegDate:        2003-11-17
Updated:        2004-03-16
Ref:            http://whois.arin.net/rest/net/NET-83-0-0-0-1

OrgName:        RIPE Network Coordination Centre
OrgId:          RIPE
Address:        P.O. Box 10096
City:           Amsterdam
StateProv:      
PostalCode:     1001EB
Country:        NL
RegDate:        
Updated:        2011-03-15
Ref:            http://whois.arin.net/rest/org/RIPE

ReferralServer: whois://whois.ripe.net:43

OrgTechHandle: RNO29-ARIN
OrgTechName:   RIPE NCC Operations
OrgTechPhone:  +31 20 535 4444 
OrgTechEmail:  do_not_email@ripe.invalid
OrgTechRef:    http://whois.arin.net/rest/poc/RNO29-ARIN

Also, after doing a search on RIPE, I discovered that countless spam has been going out from that ISP. I traced the IP address using their database and came on this:

 

% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '83.4.0.0 - 83.11.255.255'
inetnum:         83.4.0.0 - 83.11.255.255
netname:         NEOSTRADA-ADSL
descr:           Neostrada Plus
country:         PL
admin-c:         TPHT
tech-c:          HT2189-RIPE
status:          ASSIGNED PA
mnt-by:          TPNET
mnt-lower:       TPNET
mnt-routes:      TPNET
source:          RIPE # Filtered
role:            TP S.A. Hostmaster
address:         TP S.A.
address:         ul. Nowogrodzka 47A
address:         00-695 Warszawa
address:         Poland
phone:           +48 800 120810
fax-no:          +48 22 6225182
admin-c:         TK569-RIPE
tech-c:          TK569-RIPE
tech-c:          JS1838-RIPE
nic-hdl:         TPHT
mnt-by:          TPNET
abuse-mailbox:   abuse@telekomunikacja.pl
source:          RIPE # Filtered
person:          Hostmaster TPSA-CST
address:         Telekomunikacja Polska S.A.
address:         Data Transmission Systems Centre
address:         ISP
address:         POLAND
remarks:         ! - ! - ! - ! - ! - !
remarks:         CALL - CENTER
remarks:         phone: (+48) 800 120811
remarks:         ! - ! - ! - ! - ! - !
phone:           +48 800 120810
fax-no:          +48 22 6225182
remarks:         ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - !
remarks:         Please send spam and abuse notification only to:
remarks:         abuse@tpnet.pl
remarks:         ! - ! - ! - ! - ! - ! - ! - ! - ! - ! - !
nic-hdl:         HT2189-RIPE
mnt-by:          TPNET
source:          RIPE # Filtered
% Information related to '83.0.0.0/11AS5617'
route:           83.0.0.0/11
descr:           TPNET
descr:           for abuse: abuse@tpnet.pl
origin:          AS5617
mnt-by:          AS5617-MNT
source:          RIPE # Filtered
% Information related to '83.0.0.0/13AS5617'
route:           83.0.0.0/13
descr:           TPNET
descr:           for abuse: abuse@tpnet.pl
origin:          AS5617
mnt-by:          AS5617-MNT
source:          RIPE # Filtered

If you're getting stuff from RIPE check the originating IP address and run it through their database.

Web Page Expert
BethKatz
Posts: 6,198
Registered: ‎11-14-2006

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

Please edit your message two posts up to replace your email address with xxxx. Edit is in the Options pop-up at upper right of your post  text.

Contributor
Posts: 18
Registered: ‎05-01-2008

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

  Hi Larry.  I've had problems with my email account now for over 6 months, and was unaware of it until I found out the resumes, cover letters, and applications for a pharmacist position were never received.  I spoke with Irwin an excellent IS tech in Denver, CO on 6/6/2011 at 12:53 PM.  After months and months of calling Comcast, this gentleman found the problem.  He told me there was a filter put into my account from the Comcast side.  And I had checked my filters many times, and I know it was not there.  Irwin said I would not be able to see the filter on my side, because it was done on the inside of Comcast.  When Irwin took the filter off, I ended up with over 1000 emails in my Windows Mail.  With more calls concerning emails and SPAMS to Comcast, I was not getting anywhere with other IS techs.  I understand they are given a two-week training course in IS.  Another IS person told me Irwin ended up writing a 3 page report, sent it to his supervisor Jackie (who was very nice also), and she turned it over to your Comcast security person Ken CSA Tech 113, Senior Technician, csatech113113@comcast.net.  I also had folders missing, and last Thursday my service went down - no cable TV and no internet.  A really nice tech showed up Saturday at 4 PM and got me running.  I called Ken in security today, and in my experience of 27 years with dealing with the public in various jobs, I have NEVER been treated so poorly.  He told me I put my address book on the filter page and he didn't care what the IS tech told me. He kept sighing and was extremely rude to me.  Since my service went down, all my filters were deleted and the tech Tim saw it on my computer.  Ken told me that's not true, that the whole thing was my fault.  Everyone makes mistakes, we are all human, and I know we all have our bad days.  I have 2 email Comcast accounts and I couldn't even email one account  to the other.  IS Comcast people could not even send tests to my accounts and I knew something was seriously wrong.  Funny thing is if I made the mistake, then why did the IS tech who found the error pass it to his supervisor Jackie, and then to security Ken?  You don't just pass things to security unless there is a serious problem.  I am so disappointed with Comcast. Ken was certainly the rudest person I have EVER dealt with.  There is a serious SPAM issue (no, I don't do the Facebook, MySpace thing), and Ken tried to tell me maybe my resume went out as a SPAM.  How is that? He kept telling me it was my fault.   I will be proceeding further with this issue and the lack of professionalism of your security tech Ken.  I pay for a service, and expect to be provided and treated with some amount of respect as I do with others.   Now I am also getting a lot of SPAM, and some inappropriate emails (I don't open of course).  I run my Kaspersky security every day and never leave my USB stick in. I am very cautious about security issues, since I know it is so easy to hack into accounts.  I change my passwords, and use generic drug names as passwords you would never hear of.  Comcast has major security issues, not only with their attitude but with their past hacking of their domains and their P2P.  Just the treatment I received today from Ken in security is enough to make me switch to U-Verse.  Thank you. 

Email Expert
CCCarole
Posts: 28,884
Registered: ‎05-21-2006

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

I've notified the Administrator of your post.



Need Email Help? Please post the following information in your post.
Do you use XfinityConnect? The Full or Lite version?
Do you use an email client? Which one? (Eg; Windows Live mail, Outlook, a smartphone etc.)
Which browser/version do you use? And- have you cleared your browser cache?
Which operating system? XP, Vista, Windows 7, Mac OS X
Details of the problem you are having.




Contributor
chattslumlord
Posts: 21
Registered: ‎07-15-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

I am amazed to see that comcast has been having these types of problems for soo long.  I just had over 300 emails hacked out of my account at comcast and have received very little help in retrieving those emails.  All the techs can tell me to do is change my password.  I guess I will change my password if I end up keeping comcast, but if they can't secure my emails, then not sure it is worth keeping.

Administrator
ComcastLarry
Posts: 2,070
Registered: ‎05-04-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

ticarcillin-

 

I do apologize for the lack of customer support that you received. We are always making changes to our network for better security. Was your issue resolved and your questions answered?

Thank You

-ComcastLarry-
Contributor
chattslumlord
Posts: 21
Registered: ‎07-15-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

I still dont have my emails restored Larry...

Spoiler
 

 

Contributor
siortuth
Posts: 5
Registered: ‎07-25-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

[ Edited ]

I just had a spam sexual enhancement e-mail sent from my computer on Sunday the 24th. It occured around the time I had logged into the Comcast.net site to look for my bandwidth useage.

 

It isn't because somebody knows my password. It is because an advertisement is taking control of the WebMail application when someone has logged into their account using the web browser. This happened on a fresh installed totally clean machine, so the source of the hack is server side Comcast, and it only leaves malicious code running on Comcast pages, most likely embeded into advertisements. The email is only sent if you have contacts in your WebMail contacts list and will only send to them.

 

Comcast - I really hope you don't disregaurd this information, because it is more then hypothetical. A clean PC after a fresh format install using only a Microsoft retail CD can't have a trojan or a virus on it! Comcast is broadcasting the trojan that hacks into users WebMail!

 

Please get this fixed!

 

SOON!

Security Expert
LoPhatPhuud
Posts: 2,843
Registered: ‎11-01-2005

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

[ Edited ]

siortuth wrote:<snip>
A clean PC after a fresh format install using only a Microsoft retail CD can't have a trojan or a virus on it!
<snip>

I am posting only in regards to the above statement, and only for your information. I am specifically not speaking to the source of your infection.


Whether a hard disk is cleaned by reformatting or not, depends on the type of format used. A high level format, typical of Microsoft OS installs will not guarantee that the drive is clean.

 

You can read this thread in DSLR for information. Saves me typing it all.

http://forums.comcast.com/t5/forums/replypage/board-id/2/message-id/184395

 



"Once I talked to the inmates of an insane asylum in Hartford. I have talked to idiots a thousand times, but only once to the insane..."
Mark Twain

Microsoft MVP, Consumer Security, 2005-2014
Contributor
siortuth
Posts: 5
Registered: ‎07-25-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

I forgot to say, I use an SSD, Solid State 512 Mbyte drive and I Secure Erase my memory chips, which resets all memory cells to the default unwritten state.

 

There is NOTHING on my (SSD) hard Drive when I reinstall Windows.

Contributor
Posts: 18
Registered: ‎05-01-2008

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

  Hello Larry.

    I am still having problems with my account.  My resumes, cover letters, and applications for pharmacist positions are going out through Comcast and I found them labeled  as "SPAM".Why?   I hard copy my info so I have proof of this.  My case number was CR247586859. I was told the case was "closed" because it only concerned "incoming email".It concerned incoming AND outgoing emails through Comcast.   Ken in security told me it was my fault since I put my address lists in BOTH of my Comcast accounts in the email filter lists. I would never do that.  He also accused me of sending over 1000 emails a day (NO WAY- I don't have time ) I would never do that.  I do not do the social network thing, run my security scans daily, and change my passwords often to generic drug names with added numbers, etc.  I am very cautious about my security.  I would like to know who is the head of security of Comcast.  I certainly don't blame you (you have been very nice), but either there is an inner security issue in Comcast or someone has hacked your system.  I know Comcast has to be licensed by the city or county.  If something is not done, I will be proceeding further with this matter. It is affecting many of your paying customers and I am not just an isolated case.  Comcast has to come up with an answer.  Thank you.

Email Expert
CCCarole
Posts: 28,884
Registered: ‎05-21-2006

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

I have notified Larry of your latest post.



Need Email Help? Please post the following information in your post.
Do you use XfinityConnect? The Full or Lite version?
Do you use an email client? Which one? (Eg; Windows Live mail, Outlook, a smartphone etc.)
Which browser/version do you use? And- have you cleared your browser cache?
Which operating system? XP, Vista, Windows 7, Mac OS X
Details of the problem you are having.




Administrator
ComcastLarry
Posts: 2,070
Registered: ‎05-04-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

[ Edited ]

-

 

I understand your level of privacy when it comes to personal information. For all of these answers it's best to reach out to the Security Team at 888-565-4329 and speak with a live agent. I did setup a ticket for your issue and they explained it's best if you call them so they may address all your concerns.

Thank You

-ComcastLarry-
Official Employee
ComcastJordan
Posts: 788
Registered: ‎03-17-2008

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

Siortuth,

Was the spam message in your Outlook or in your XfinityConnect Sent Items folder?

Contributor
siortuth
Posts: 5
Registered: ‎07-25-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

[ Edited ]

I'm sorry, I was unclear on the correct spot the sent mail showed up.

It was only in my Xfinity Sent Folder through Comcast's Webmail in my browser.

 

I think it was very curious that the timing of the Sent Spam coincided similarily to a period where I was logged into the Xfinity Webmail. Almost as if my secure Xfinity session was hi-jacked. The Spam was only sent to the contact list I had maintained for my imediate family in Xfinity Web Mail. I have removed my contacts list.

I have changed my password and so far have not seen the SENT SPAM problem recur.

Contributor
amywatkins
Posts: 7
Registered: ‎04-29-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

I am hoping that, despite Larry mentioning above a private ticket being opened again on this, some answers will be posted publicly as this has clearly been an issue for many of us.

Contributor
chattslumlord
Posts: 21
Registered: ‎07-15-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

Two weeks later and have had no help with my hacked/stolen emails.  I guess this is such a cronic and widespread problem, comcast can't address each individual's hacked/stolen issues.  The companies with the softest security aren't going to last long.  The word is going to get out that our information is not being secured by comcast.

New Visitor
dkatkins
Posts: 1
Registered: ‎08-02-2011

Re: Comcast e-mail hijacked / Spam sent from my account that I didn't send

Same thing happened to me. My messages were on 1 Aug. I deleted my contacts on the web, changed my password and changed my security question. Should this do it?