Reply
Bronze Star Contributor
Broni
Posts: 145
Registered: ‎08-01-2010

Comcast scam, or what the heck is it?

Last night, I received this email from Comcast:

 

Dear Comcast Customer,

The Constant Guard™ service has identified that one or more of your computers may be infected with a Bot. Please read on.


A Bot, also referred to as malicious software or malware, is used to gain control of your computer, typically without your knowledge. Online criminals can use Bots to collect your personal and private data, such as Social Security numbers, bank account information, and/or credit card numbers by monitoring your keystrokes. This can lead to identity theft and fraud.


We strongly recommend visiting the Comcast Constant Guard Center at
https://constantguard.comcast.net
for instructions to help you remove the Bot from your computer(s). If you select to remediate the Bot by yourself, please follow all the steps provided within the Constant Guard Center to assist in Bot removal. We also advise that you keep your computer(s) protected by performing regular Operating System updates and by using Norton Security Suite anti-virus software.

Sincerely,


Comcast Customer Security Assurance

 


 

This is totally ridiculous!

 

I volunteer on several serious computer help forums as security expert and I can assure you, my computer is hold in a top shape and it's 150% clean.

 

I simply demand from Comcast authorities to let me know HOW such a threat was detected and to present me a proof of my computer being infected with a bot.

 

If there is no reply from Comcast in this very topic, I'll assume, that the above email is nothing more than a scam employing scare tactics, luring Comcast customers into paying $100 for some Norton Virus Removal Service.

 

I simply can't believe, Comcast is involved in such a scam.

 

I'll definitely talk to my lawyer to see, if some legal action could be considered.

I'm sure, that some less computer savvy people can easily fall for the scam.

 

Shame on you Comcast!

Contributor
kelly7552
Posts: 21
Registered: ‎12-10-2010

Re: Comcast scam, or what the heck is it?

I couldn't agree more!

Contributor
Posts: 24
Registered: ‎06-03-2006

Re: Comcast scam, or what the heck is it?

Yep, it's a scam. Disregard it. If you feel you might have an infection, seek a trusted computer professional, NOT your Internet Provider, and definitely NOT Comcast

Contributor
Posts: 24
Registered: ‎06-03-2006

Re: Comcast scam, or what the heck is it?

Please DO report it, and to your local AG's office as well. It's the ONLY way these clowns will get the message.  And why can't you believe it? This is the way Comcast operates and has always operated

Bronze Star Contributor
Broni
Posts: 145
Registered: ‎08-01-2010

Re: Comcast scam, or what the heck is it?

I'm very curious, if there are any Comcast representatives, who monitor these forums and they any guts to reply here.

Are there any mods, or admins around here?

Security Expert
USAF_E-8_RET
Posts: 4,902
Registered: ‎10-28-2003

Re: Comcast scam, or what the heck is it?

First of all, this forum is primarily a user to user help forum.  There are those of us who volunteer our time to answering questions, listening to the threats, nasty comments etc because we are gluttons for puniishment.  We are Comcast customers the same as you are.  We have no additional pull, nor insight into the info you are requesting.  We can not obtain info that you can not obtain. 

 

There are Comcast employees present on the forums from time to time - they are id'd with the RED User Names.  

 

FWIW, you may be interested in a post I made in another thread regarding Constant Guard (P & C below)

 

 

from this thread  http://forums.comcast.net/t5/Security-and-Anti-Virus/Comcast-Announces-Constant-Guard-security-progr...

 

 

@jlivingood:

 

Please pay atention to the rest of the Security Board and the vast amount of posts regarding Constant Guard.

 

If you want examples of what I am referring to:
 
.
.
.
.
.
and who knows how many more by tomorrow.
IMHO – it is fine for “engineers” to devise all these “new” security devices – but if they produce false alerts and scare the general usership (with their BOT emails), then what good is the program?  I have seen it already where folks are talking about ignoring the warnings – which means they will not be taken seriously and eventually deleted as “spam”.
 
Surely someone has gotten something wrong.  Bottom line – if I am infected tell me with what, when it occurred and how to get rid of it.  Do not tell me it "appears" one or more of my systems (which one) may be infected with a BOT (specifics please) and you need to do these “Do-it-Yourself” procedures – which in fact does not show any infections/malware.
I personnaly am tired of trying to answer Constant Guard questions on the Secuity forum when the folks running the Constant Guard program can not provide bottom line answers.   An email address to refer Constant Guard questions to would be very much appreciated.

 

A veteran - whether active duty, retired, national guard, or reserve - is someone who, at one point in his or her life, wrote a blank check made payable to The 'United States of America', for an amount of 'up to and including my life.'

Contributor
Posts: 24
Registered: ‎06-03-2006

Re: Comcast scam, or what the heck is it?

 


Broni wrote:

I'm very curious, if there are any Comcast representatives, who monitor these forums and they any guts to reply here.

Are there any mods, or admins around here?


Yea, the Comcast Admin delete the Anti-Comcast posts as "trolling" in order to censure the criticism. Typical Corporate response

 

Moderator
jlivingood
Posts: 1,085
Registered: ‎05-09-2007

Re: Comcast scam, or what the heck is it?

 


Broni wrote:

Last night, I received this email from Comcast:

 

Dear Comcast Customer,

The Constant Guard™ service has identified that one or more of your computers may be infected with a Bot. Please read on.

<snip>

I simply can't believe, Comcast is involved in such a scam.

 

I'll definitely talk to my lawyer to see, if some legal action could be considered.

I'm sure, that some less computer savvy people can easily fall for the scam.

 

Shame on you Comcast!


Our systems have detected likely malware infection on your IP address as recently as 12/6/2010, with four different bot armies observed in recent weeks. On 12/6/2010 we observed bot activity from one particular bot army on 4 occasions. 

 

 

 

JL
National Engineering & Technical Operations
Moderator
jlivingood
Posts: 1,085
Registered: ‎05-09-2007

Re: Comcast scam, or what the heck is it?

 


kelly7552 wrote:

I couldn't agree more!


We observed one bot army recently related to your IP address as recently as 12/6/2010.

 

JL
National Engineering & Technical Operations
Moderator
jlivingood
Posts: 1,085
Registered: ‎05-09-2007

Re: Comcast scam, or what the heck is it?

 


davidsco27 wrote:

Yep, it's a scam. Disregard it. If you feel you might have an infection, seek a trusted computer professional, NOT your Internet Provider, and definitely NOT Comcast


We have observed signs of likely malware infection on your IP as recently as 12/5/2010, being detected 8 times within 3 days. 

 

JL
National Engineering & Technical Operations
Bronze Star Contributor
Broni
Posts: 145
Registered: ‎08-01-2010

Re: Comcast scam, or what the heck is it?

@ 

 

"We have observed signs of likely malware infection on your IP as recently as 12/5/2010, being detected 8 times within 3 days."

 

Thanks for your reply, but unfortunately, your reply doesn't look very professional at all.

Frst of all, what does "likely" mean?

I may assume, that you're more, than "likely" wrong.

Then, what kind of tool has been used to determine that?

Does your tool indicate any particular file(s), file location(s)?

I've never heard of "IP infection", btw. I've heard of computer, router infections, but not an IP.

 

If you have any detailed info, which can't be posted in public, please email me and I'll be more than happy to look at your findings.

Bronze Star Contributor
Broni
Posts: 145
Registered: ‎08-01-2010

Re: Comcast scam, or what the heck is it?

"try providing reliable cable service and get your wallets out of our PC's!"

 

Very, very well said :smileyhappy:

Retired Administrator
CC_Dete
Posts: 2,486
Registered: ‎07-01-2010

Re: Comcast scam, or what the heck is it?

Contributor
kelly7552
Posts: 21
Registered: ‎12-10-2010

Re: Comcast scam, or what the heck is it?

JL,

 

My router is set to dynamic DNS, I get a new IP address every few days, does comcast link my current ip address to a database of historical ip addresses and link the bot ip address to who has it in time? 

 

Bill

Moderator
jlivingood
Posts: 1,085
Registered: ‎05-09-2007

Re: Comcast scam, or what the heck is it?

 


kelly7552 wrote:

JL,

 

My router is set to dynamic DNS, I get a new IP address every few days, does comcast link my current ip address to a database of historical ip addresses and link the bot ip address to who has it in time? 

 

Bill


The DHCP servers link MAC address and IP address. When we see activity to a certain IP at a certain time, we check to see who had that IP at that date/time.  Hope that helps.

 

JL
National Engineering & Technical Operations
Moderator
jlivingood
Posts: 1,085
Registered: ‎05-09-2007

Re: Comcast scam, or what the heck is it?

 

> Frst of all, what does "likely" mean?

 

Likely means we have observed bot net command and control traffic connected with an IP address you used at a particular point in time. But nothing is ever 100% rock solid, so I chose to use the word likely. Given the dangers that malware poses, we have chosen to alert customers of likely malware infection, since 100% certainty may be either (1) impossible or (2) not particularly timely.

 

> I may assume, that you're more, than "likely" wrong.

 

You may if you like and if you get more notices in the future, you may change your mind.

 

> Then, what kind of tool has been used to determine that?

 

We cannot disclose our exact methods of detection. If we did, malware authors might be able to avoid detection.

 

> Does your tool indicate any particular file(s), file location(s)?

 

No, because we do not rely on software at your location / on your LAN.

 

> I've never heard of "IP infection", btw. I've heard of computer, router infections, but not an IP.

 

All of your computers share an IPv4 address, so I chose to say associated with your IP since it could be any of your computers which we only see as traffic from one IP address.

 

> If you have any detailed info, which can't be posted in public, please email me and I'll be more than happy to look at your findings.

Ok

 

JL
National Engineering & Technical Operations
Bronze Star Contributor
Broni
Posts: 145
Registered: ‎08-01-2010

Re: Comcast scam, or what the heck is it?

"You may if you like and if you get more notices in the future, you may change your mind."

It's highly doubtful, because I'm very computer and computer security savvy and I know very well what is running on my computer(s). At least, I know better, than some remote tool, which uses "likely" procedure.

 

"But nothing is ever 100% rock solid"

If so, why  you not only scaring people around, but what's more, you direct them to a site, which ask for $100 ransom to clean something, what may even not exist, as you admitted above?

Your "Do-it-yourself" solution is simply worthless, because it doesn't offer anything more, than what regular, sane computer users do. Keep Windows and AV program up to date.

 

"No, because we do not rely on software at your location / on your LAN."

In that case, don't send me any sensless emails anymore.

Official Employee
ComcastJordan
Posts: 775
Registered: ‎03-17-2008

Re: Comcast scam, or what the heck is it?

Broni,

"ransom" is really inflammatory when you consider that we're offering options and potential solutions.  Our systems detect a problem and we alert our customers.  User's are not obligated to use the service, but for those that don't know how to fix the problem, we want to give them one more option.

 

Realize that you're "regular, sane computer user" description isn't accurate.  Studies show that the general public doesn't have a comprehensive understanding of viruses, they tend not to keep their machines up to date, and they DO expect that ISPs do something about it when they are infected (reference: http://www.maawg.org/sites/maawg/files/news/2010_MAAWG-Consumer_Survey.pdf).  Comcast is trying to do our part to educate and assist.

Bronze Star Contributor
Broni
Posts: 145
Registered: ‎08-01-2010

Re: Comcast scam, or what the heck is it?

I work with tens of infected computers every day and from time to time I see someone coming in for help, because his/her ISP threatened to close his/her acount due to heavily infected computer.

That, I understand.

After seeing security scan logs from that particular computer, I understand even better.

 

However, in case like mine, I can't treat your email other than as a scam, or at least irresonsible.

As your precedor said:

"We observed one bot army recently related to your IP address as recently as 12/6/2010"

Not only that, but he later explained, that the occurence was just "likely".

Then, what happened?

The infection disappeared by itself? Have you ever seen a miracle like that?

I didn't cure anything, becuase it wasn't anything to cure.

 

So, you see some "likely" one time infection, which cure itself a day later and you send an email, which will:

- make computer savvy people angry

- cause a heart attack, or such for less computer savvy people

 

You have to either be little bit more conservative in sending emails like that, left and right, or you have adjust email wording, so it's  a bit less alarming, unless you're dealing with heavily infected computer and you can present some PROOF, that some danger really exist.

 

I hope, I'm not wasting my time here and you'll listen to your customers sometimes.

 

Official Employee
ComcastJordan
Posts: 775
Registered: ‎03-17-2008

Re: Comcast scam, or what the heck is it?

Broni,

Bots go dormant all the time.  So all evidence (i.e. activity that can be caught by a log or a filter) of an infection can vanish at a moment's notice.  Obviously the malicious code remains, so the hope/expectation is that AV software then picks it up.

 

We are listening and all feedback is welcome, positive and negative.  It is conversations and feedback that make our products better. 

Bronze Star Contributor
Broni
Posts: 145
Registered: ‎08-01-2010

Re: Comcast scam, or what the heck is it?

I can only tell you one more time and that will be end of the story for me.

I'm a security expert and there is NOTHING malicious on my computer.

Recognized Contributor
Creechuur
Posts: 142
Registered: ‎08-16-2011

Re: Comcast scam, or what the heck is it?


ComcastJordan wrote: Studies show that the general public doesn't have a comprehensive understanding of viruses

While this is true, the best way to educate people about the computers they use everyday is to inform them, not use scare tactics.  I received the same email today and I'm insulted that a company as big as Comcast would resort to common spam tactics to scare its customers into using its product.

 

Every anti-virus program I have ever used can tell you what is infecting your computer.  Jlivingood's replies were no better than spam themselves.  Bot army?  You make it sound like War of the Worlds is happening, jeez.

 

I already have Microsoft Security Essentials and ZoneAlarm Firewall running.  I run Super ANTI Spyware, Trend Micro Housecall and Ccleaner on a regular basis, as well as defragging my drives and maintaining my registry.  See how I used very specific language to describe what I have on my system and what I use to keep it clean?  You guys might want to do the same when youre talking to your customers so you don't come off looking like complete boobs.

 

I really hope someone gets a proper hand slapping for this.

 

 

Official Employee
ComcastJordan
Posts: 775
Registered: ‎03-17-2008

Re: Comcast scam, or what the heck is it?

[ Edited ]

Creechuur,

I’m not certain it’s War of the World, those guys used largelaser cannon and marched down the middle of the street. “Bot armies” are not an exaggeration. Major anti-virus vendors have gone on the record to state that a single army may have more than 2 million infected PCs. I think that qualifies for a pretty large “army.”

 

Our emails are not intended as scare tactics. They’re a simple statement that we detected what appeared to be bot-related traffic coming from a modem.  This is based on the best data that we can pull together from some of the industry’s best sources. 

 

You used specific language on how you maintain your machine.  Please recognize that the majority of Internet users are not familiar with CCleaner, haven’t used a firewall other than the one Windows includes, and stay clear of the registry at all costs.  Our website directs people towards just a few options customers can use to help maintain their machines just as you are.  Some are included in price of service and some are freely available on the Internet.  We all have our favorite tools. These just happen to be ones we evaluated and found to be helpful and useful. 

 

So I think we’re doing exactly what you’ve asked.  We’re giving people information about a threat they may not know is impacting their computer and then we provide specific software tools they can use to clear the issue.  If they don’t care for those tools, they’re welcome to use any others they find and like.

Security Expert
USAF_E-8_RET
Posts: 4,902
Registered: ‎10-28-2003

Re: Comcast scam, or what the heck is it?

Thanks for your thoughts on the Constant Guard Bot program.

 

Just a few thoughts:

First I totally disagree with your comment: "Every anti-virus program I have ever used can tell you what is infecting your computer. "  No one Anti-virus program can detect each and every infection you may have on your system.  If your statement were true, why then are you using such programs as Housecall and SAS in addition to "your AV MSE"???  So I guess you also need to be careful in trying to make a point.

 

That all said, IMHO, you are leaving Malware Bytes Anti-Malware out of your protection.  The log from the free version is used by many security experts as a pre-requisite to helpng assist on infected systems and has been known to be of assistance when dealing with Comcast's Bot warning.

 

I would also like to suiggest that you contact Comcast Customer Security Assurance Department at the phone number listed in this link.  http://security.comcast.net/get-help/contact-comcast-security.aspx

 

They have at times in the past provided info as to when they "may have detected" a bot on your system and perhaps if it was recently  active. 

A veteran - whether active duty, retired, national guard, or reserve - is someone who, at one point in his or her life, wrote a blank check made payable to The 'United States of America', for an amount of 'up to and including my life.'