Regular Contributor
Posts: 72
Registered: ‎08-22-2006

Fake Xfinity Comcast Phishing Mail

This is the second month I've gotten a fake email pretending to be from Xfinity and trying to phish for my info.  This is fake, right?  My account is totally up to date and paid.

 

 

Subject: Comcast: New Message From Comcast
From: Comcast <xfinity@mail.g.comcast.net>
Reply-To:
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
X-Antivirus: AVG for E-mail 10.0.1411 [2092/3981]
X-AVG-ID: ID45B42A68-3BDEEFCA

<html>
<DIV>
<img src="http://hh7.net/Sep/hh7.net_13195611811.gif" width="223" height="85">
<head>
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Comcast</title>
<div id="yiv1341300953" style="width: 440; height: 347">
  <table cellSpacing="0" cellPadding="13" width="450" border="0">
    <tr>
      <td height="70"><font face="Arial" size="2" family="SANSSERIF">Dear Valued
      Member,<br>
      <br>
      We were unable to process your most recent payment. Did you recently
      change your bank, phone number or credit card?<br>
      <br>
      To ensure that your service is not interrupted, please update your billing
      information today by Clicking
      <span id="lw_1181859669_0">
      <a target="_blank" rel="nofollow"href="http://handshakes.dzoic.com/includes/sbicons/send.php">Click Here</a></span>. . We're available 24 hours a day, 7 days a week.<br>
      <br>
      If you have recently updated your billing information, please disregard
      this message as we are processing the changes you have made.<br>
      <br>
      Sincerely,<br>
      <br>
      Billing Center Team<br>
      <br>
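
The tell in the message quoted above is that the From header claims comcast.net while the image and the "Click Here" link point at unrelated hosts. The check below is an added example, not part of the original post or any Comcast tooling; the sample message is constructed with reserved example hostnames, and `base_domain` is a simplifying assumption (last two labels) where production code would use the Public Suffix List.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample modelled on the quoted mail; link and image hosts are
# reserved example names, not the hosts from the real message.
SAMPLE = """\
Subject: Comcast: New Message From Comcast
From: Comcast <xfinity@mail.g.comcast.net>
MIME-Version: 1.0
Content-Type: text/html

<html><img src="http://images.example.net/logo.gif" width="223" height="85">
To ensure that your service is not interrupted, please update your billing
information today by Clicking
<a target="_blank" rel="nofollow" href="http://billing.example.org/send.php">Click Here</a>
</html>
"""

class LinkCollector(HTMLParser):
    """Collect every URL the HTML body would load (src) or link to (href)."""
    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in ("href", "src") and value:
                self.urls.append(value)

def base_domain(host):
    # Assumption: the last two labels approximate the registered domain.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def off_domain_urls(raw_message):
    """Return URLs in the HTML parts whose host is outside the From domain."""
    msg = message_from_string(raw_message)
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    collector = LinkCollector()
    for part in msg.walk():  # also yields the message itself if not multipart
        if part.get_content_type() == "text/html":
            charset = part.get_content_charset() or "utf-8"
            collector.feed(part.get_payload(decode=True).decode(charset, "replace"))
    sender_base = base_domain(sender_host)
    return [u for u in collector.urls
            if base_domain(urlparse(u).hostname or "") != sender_base]

if __name__ == "__main__":
    for url in off_domain_urls(SAMPLE):
        print("link leaves sender domain:", url)
```

A From header is trivially forged, so an empty result proves nothing; a non-empty one on a billing notice is a strong reason to report the mail rather than click.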
    


Security Expert
USAF_E-8_RET
Posts: 5,043
Registered: ‎10-28-2003

Re: Fake Xfinity Comcast Phishing Mail

Go here and look at second one on the list under Top  Phishing Scams

 

http://xfinity.comcast.net/constantguard/Alerts/

 

Yes, it is phishing mail.

A veteran - whether active duty, retired, national guard, or reserve - is someone who, at one point in his or her life, wrote a blank check made payable to The 'United States of America', for an amount of 'up to and including my life.'

Regular Contributor
Posts: 72
Registered: ‎08-22-2006

Re: Fake Xfinity Comcast Phishing Mail

Thanks.  I am so sick of scammers.

Official Employee
ComcastKeisha
Posts: 1,561
Registered: ‎09-20-2011

Re: Fake Xfinity Comcast Phishing Mail

--

 

Sorry for the inconvenience. I have escalated this issue and someone will be in contact with you soon.

Thank You
-Keisha-
Regular Contributor
Posts: 72
Registered: ‎08-22-2006

Re: Fake Xfinity Comcast Phishing Mail

I didn't click the links in it.  Just pasted what I could here and deleted it.  But I've been noticing that I think this is the second month I've gotten this same email. 

Security Expert
USAF_E-8_RET
Posts: 5,043
Registered: ‎10-28-2003

Re: Fake Xfinity Comcast Phishing Mail

@ Carrigon,

 

If it happens again, I would suggest following the directions for How to Report Phishing Issues:

 

http://security.comcast.net/get-help/report-a-security-threat-or-scam.aspx

 

Close to bottom of page in left hand column!


Regular Contributor
Posts: 72
Registered: ‎08-22-2006

Re: Fake Xfinity Comcast Phishing Mail

Thanks.  I really didn't even think to check there.  I usually just delete the junk, but this one bugged me.

Visitor
fdon
Posts: 3
Registered: ‎10-22-2010

Re: Fake Xfinity Comcast Phishing Mail

What is really concerning about this, other than the threat if you respond to it, is how do they get our email addresses - it appears obvious to me that someone has accessed a Comcast database with our email addresses - there is no way anyone could just randomly guess mine.

 

I forwarded the phishing email to Comcast and got no comment/response back from them.  Yes, it is on their web page as one of the top phishing scams with a bunch of others.  Apparently this happens all the time.  News to me.

Security Expert
CajunTek
Posts: 20,976
Registered: ‎10-07-2003

Re: Fake Xfinity Comcast Phishing Mail


fdon wrote:

What is really concerning about this, other than the threat if you respond to it, is how do they get our email addresses - it appears obvious to me that someone has accessed a Comcast database with our email addresses - there is no way anyone could just randomly guess mine.

 

I forwarded the phishing email to Comcast and got no comment/response back from them.  Yes, it is on their web page as one of the top phishing scams with a bunch of others.  Apparently this happens all the time.  News to me.


I doubt that Comcast's email database was compromised; I suspect it is something more simple. It's called alphabet spam. The spammers start with aa@comcast and move on through letter by letter, usually using a program to generate the next email address in the sequence.

TANSTAAFL!!



Visitor
fdon
Posts: 3
Registered: ‎10-22-2010

Re: Fake Xfinity Comcast Phishing Mail

I suppose I should defer to your expertise since you are a "security expert," but as I point out in my post, the likelihood of someone putting together the letters and numbers in my email address is small.  I mean really small.  But, theoretically possible if someone performs literally millions of permutations of letters and numbers.  As I say, this is theoretically possible.  And, it certainly may be how they did generate it.  I don't know that much about the extent of the effort people go to so that they can steal from people this way, but I guess if it pays off, people will do it.  Thanks for the comments.

Security Expert
CajunTek
Posts: 20,976
Registered: ‎10-07-2003

Re: Fake Xfinity Comcast Phishing Mail

I had a run on a yahoo account a while back where they had multiple email addresses in the send line

my email address at yahoo at the time was CajunTek (don't use that anymore so I don't care).

So I not only got the email to me as CajunTek at yahoo.com but also cajuntex, cajun.tek, caj.un tek and so on for about 40 email addresses. I suspect most of these bounced.

TANSTAAFL!!



Email Expert
madylarian
Posts: 8,394
Registered: ‎06-30-2003

Re: Fake Xfinity Comcast Phishing Mail


fdon wrote:

I suppose I should defer to your expertise since you are a "security expert," but as I point out in my post, the likelihood of someone putting together the letters and numbers in my email address is small.  I mean really small.  But, theoretically possible if someone performs literally millions of permutations of letters and numbers.  As I say, this is theoretically possible.  And, it certainly may be how they did generate it.  I don't know that much about the extent of the effort people go to so that they can steal from people this way, but I guess if it pays off, people will do it.  Thanks for the comments.


Spammers have programmers too and they pay well for programs that do this.  While it may seem a daunting task to a human, it would be nothing to a computer.  Further, phishing attempts are aimed at pretty much every @domain.  I get the same ones to addresses at Comcast, Yahoo, Gmail and my domain addresses.

 

mady

Honi soit qui mal y pense
Service Expert
Queen-Evie
Posts: 14,021
Registered: ‎02-04-2004

Re: Fake Xfinity Comcast Phishing Mail

Another way the spammers can get an email address:

 

Forums such as this one where some people use their Comcast user account/email name as their forum screen name.  It's easy enough for a spammer to pick out some user names and put @comcast.net next to the name.

 

Some will be sent to real addresses, others will bounce back.

 

It's also possible a forum name could be the Comcast user name for someone else. Instead of you getting the mail another person does.

 

 

 



 


Comcast employees must be authorized to post in the forum in an official capacity. Employees posting here have their names in red and are designated as employees. Names not in red are customers.

This is done to protect customers and for assurance that they are dealing with a Comcast employee.
Non-Authorized Employees are allowed to post but cannot state they are employees nor can they allude to being employees.

New Visitor
MajorChally
Posts: 2
Registered: ‎11-11-2012

Re: Fake Xfinity Comcast Phishing Mail

Amen to that! I really think that a new "...For Dummies" book needs to be written for the modern age of computing. Not meaning to be crass, I just think that there are so many new exploitation possibilities to watch for these days.

 

Like this one - don't use your email or login *anywhere* that it will be available in a public facing way! This may not seem like such a big deal, but like the poster said, hackers don't need the help to be able to screen scrape all this info for free :smileysad:

 

I just finished my certification in Certified Ethical Hacking and I am amazed at the tools that are freely available for the bad guys. Then they make a ton of money selling the info they get, again for free.

Visitor
fdon
Posts: 3
Registered: ‎10-22-2010

Re: Fake Xfinity Comcast Phishing Mail

One of the reasons I was/am so concerned about the phish to my Comcast email account is that I have protected it as best I can from abuse.  It is relatively spam free even though I have had it for years.  (Knock on wood.)  I am careful how I use it, careful who I give it to.  I have another couple accounts I use for other purposes so that the Comcast account doesn't get out there.

 

Every once in a while, though, I start receiving a bunch of spam.  It is hard to know if someone you communicated with sold it, passed it to business partners, or what.  And then it is hard to know whether to respond to the spam where they give you the option to opt out of receiving more.

 

I will say thanks to Comcast for providing Norton security software for free with their internet service, I know it has saved me from worse more than once...

Visitor
cqui
Posts: 3
Registered: ‎06-01-2010

Re: Fake Xfinity Comcast Phishing Mail

I too woke up to this message:

 

0c325506ac= email support ID

Hello Valued Xfinity customer,
XFINITY ALERT
PLEASE DO NOT REPLY, THIS E-MAIL ADDRESS IS USED BY AUTOMATED SOFTWARE AND IS NOT MONITORED

Constant Guard identified one or more of your computers may be infected with a bot.
You might have already seen an Alert from XFINITY informing you about bot activity.

PIease see attached file for more details and follow directions to avoid interruption of service.

We appreciate your prompt attention to this important security notice.
continue the use of the suction bell. Diagnosis of Primary . In cases in which there is a history of an incubation period of from three to five weeks, when the sore is indurated, persistent, and indolent, and attended with bullet-buboes in the groin, the diagnosis of primary is not
Best Regards,
Customer Care

 

These things just waste my time!

Service Expert
Queen-Evie
Posts: 14,021
Registered: ‎02-04-2004

Re: Fake Xfinity Comcast Phishing Mail


Comcast does send out legitimate mail about possible bot infections.

 

The one you received most likely is fake because of this

 

PIease see attached file for more details and follow directions to avoid interruption of service.

 

All the other bot infection emails I've seen posted do NOT mention an attachment. Since attachments can be a source of infection it is best to ignore the mail and don't open the attachment. It sounds as if you are one of the smart ones who knows this.

 

This is a sample of the REAL mail from Comcast. Note that it does not have an attachment. Thank you for posting. I will add the fake bot alert to my Phish or Legit posts later today.

 

bot alert.PNG



 



Security Expert
CajunTek
Posts: 20,976
Registered: ‎10-07-2003

Re: Fake Xfinity Comcast Phishing Mail

Moved to private forum; this message contains an active phishing link.

Security Expert
CajunTek
Posts: 20,976
Registered: ‎10-07-2003

Re: Fake Xfinity Comcast Phishing Mail


Cozmo50  I removed your post because it contains an active phishing link

 

Please see my response below.

 

 

The problem is the sender and the link varies. They stop one, another starts.

TANSTAAFL!!



Contributor
cozmo50
Posts: 9
Registered: ‎03-29-2010

Re: Fake Xfinity Comcast Phishing Mail

I think deleting the email works a lot better than simply removing the link.  Of course I would never click on that link.  I just wanted you people to be aware of the problem.  Your chat line went unanswered so I decided to try the forum in hopes that you would be interested.  You told me my computer needs cleaned up... are you kidding?  First of all, I'm using Comcast's security and the problem came to me via email.  Nothing to do with the "cleanliness" of my computer.   When will Comcast actually get serious about responding to customer concerns?  You just don't get it, do you Cajun Tek? 

Security Expert
CajunTek
Posts: 20,976
Registered: ‎10-07-2003

Re: Fake Xfinity Comcast Phishing Mail

Oh I get it ok... And I think Comcast is quite serious (I have RR and ATT accounts as well and they don't respond at all to these things). Comcast at least tries.

 

Like I said, the purveyors of this phish change the sending address and the links. It's very hard for anyone to stop completely.

TANSTAAFL!!