Personal Finance 
10
comments

Don’t Be Phished Like An Internet N00b

Email  Print Print  

I received an email today from Comcast about how they recently changed their policy regarding accounts:

Comcast takes the security of our customers personal and account information very seriously. As part of our ongoing effort to ensure the security of our customers information, we have recently enhanced the security of the Comcast.com account management system.



As a result of these recent enhancements, if a Comcast.com account is inactive for 180 days, it is removed from our system.



In order to keep your Comcast.com account active, please log in today with your user name and password: www.comcast.com/login.

First off, anytime someone emails me to log into my account, I never click any links in the email. Never ever. I don’t care if it’s some stupid account on some random free email account that you wouldn’t care gets stolen. The fact of the matter is that thieves know that people use the same username and password on multiple accounts so a free email account could yield a free bank account as well. Lastly, I can just go to Comcast.com directly and login there to confirm whatever.

Secondly, if this is legit, Comcast is ridiculously stupid because they should check to see if the account is connected to an active customer account (it is). If it is, then ignore this stupid little rule because they’re obviously “active” because they’re paying for service! If it’s not connected, then I suppose you can request that someone log in every 180 days (though the chances of a non-Comcast subscriber caring about their Comcast account is exactly zero).

Moral of the story – Companies may be stupid and make legitimate but dumb requests, but don’t be a dummy and get phished.

FYI, the email I received, according to the headers, was legitimately sent from a comcastonline.com’s server but…

  • The email was “from” a comcastsupport.com email…
  • The link in the email was to to comcast.com…
  • And the link itself was to gothere2.comcastonline.com…

Seriously Comcast, you gave me 2034982304938 reasons to think it was a phishing email (all they missed was the link going to thisisacomcastphishingemail.com).

{ 10 comments, please add your thoughts now! }

Related Posts


RSS Subscribe Like this article? Get all the latest articles sent to your email for free every day. Enter your email address and click "Subscribe." Your email will only be used for this daily subscription and you can unsubscribe anytime.

10 Responses to “Don’t Be Phished Like An Internet N00b”

  1. Great post. I may be a phishing noob, but how would someone obtain your email password by simply clicking a link within an email message?

  2. jim says:

    After you click it, the page that comes up is asking for you to log into an account, that’s where they’d obtain your password.

  3. dong says:

    I think providing the link was stupid. I think the email is OK. Comcast I think is specifically taking about online login account. You can have a comcast account and not have active online account and vice versa.

    For instance I’ve gone 6 months without being a comcast customer, and would still want to retain my online account because if another 6 months I decide to sign up again, I rather not sign up a new userid, etc. I’ve done this before with my electricity service..

    Also I can see myself being an active customer, and because I’v been paying my account via automatic bill pay, I haven’t logged into my account and my account could be inactivated and I rather keep it active.

  4. broknowrchlatr says:

    Here is a little tip I figured out:

    I never really know when to report these to the company as i have gotten a lot of emails i thought to be fishing. I want to call the company and either say
    A) there is a phishing scam coming from X or
    B) your email looks fake.

    So, here is how you figure it out:
    Click/go to the link. Type in a bogus userid and password. If it seems to let you in, you know its a fake (since they don’t know what the password is, they can’t validateit). You can also try the password reminder tools. On fake sites, these go to nowhere or don’t work.

  5. Ah yes, sorry, I thought there was a way to extract your email pwd simply from clicking a link.

  6. JB says:

    I got this email too…didn’t even consider it could be a scam. Eek!

  7. Chris says:

    I couldn’t believe it when I got this E-mail. We can tell how concerned Comcast is with your security…

    I think it is legit, but as the original post states, it points back to three different Comcast -ish web addresses. This is ridiculous.

    You would think that an ISP would have a better way of spreading the word (how ’bout a letter in the mail?).

  8. Paul says:

    The primary clue that this email is NOT legit, is that it does not reference the user by name:

    Dear Valued Comcast Customer,

    Should read, if legit,

    Dear ,

  9. Comcast User says:

    Well the bogus email I got came from the following address:

    comcast@delivery.net

    What kind of a moron do they think I am? Well, certainly not one who would fall for such obvious phish bait.

  10. rick says:

    Yeah it’s hard to believe these are actually legit

    Someone on chat from customer support just asked for my social security number because their system “is being upgraded”

    I was very suspicious, but it turns out to be legitimate


Please Leave a Reply
Bargaineering Comment Policy


Previous Article: «
Next Article: »
Advertising Disclosure: Bargaineering may be compensated in exchange for featured placement of certain sponsored products and services, or your clicking on links posted on this website.
About | Contact Me | Privacy Policy/Your California Privacy Rights | Terms of Use | Press
Copyright © 2014 by www.Bargaineering.com. All rights reserved.