Have I been scammed?

MikeHawthorne

Essential Member
Microsoft Community Contributor
Hi everyone.

I received an email from Comcast today, it says that my service will be suspended unless I update my payment information.
It said that the credit card company failed to authorize the payment.

This message really looks official, when I clicked on My Account in the message, I wondered where it would take me.

It took me to what looked like an authentic Comcast web page.

I was beginning to be concerned when I realized that...

I don't pay for Comcast with a credit card, I pay by check every month.

The problem is that I put in my password and was told it was incorrect and that I should call a phone number to get authorization to change my password.

I didn't do that, but I'm going to go to the real Comcast page and do it now because I was probably duped into typing it into the Login page.

Has anyone else seen this, I checked and was able to see that there was a long list of people who had received the same message.

Mike
 

Neemobeer

Cloud Security Engineer
Staff member
Yes you have been phished. Change your password immediately. If you use the password else where change those as well.
 

MikeHawthorne

Essential Member
Microsoft Community Contributor
Hi

I'm back, I really am mad at myself. I'm always telling people that they should never click on links in emails, and I did it once and got scammed.
A short time after I posted here, I tried to contact Comcast and I couldn't get into my account, a short time later and my whole internet went down.

I used my Smartphone to contact them because it doesn't use the internet and isn't through Comcast.
A good reason to not have everything with one carrier.

I changed my password to a new and much more secure one.

But I still had problems because I couldn't get Windows to ask for my new password. It would just try and connect and say it couldn't.
My computer was connected, it said Connected and Secure, but wouldn't connect to any sites.

When I tried to open my email, the "Please enter your Password" dialogue came up and when I put in my new password it loaded my email.
So now I knew that it was working.

After trying for an hour to find some way to get the same prompt from Windows, I, finally, just unplugged the modem and let it sit for an hour.
When I plugged it back in and booted my computer, there was still no prompt to put in my new password.

I was getting really frustrated, then I realized that Steam had not given me the can't connect message.
So I opened Chrome and it loaded. Then I opened Steam and went through all my online games and everything worked.

Now everything is working in Alexa, my Tablet, and my laptop.
I suppose that when I reset the router, Comcast sent them the command to use the new password to connect from my PC to the net.

One good thing did happen, the lady in India gave me a $ 50-a-month discount on my service for the next two years. I'm 84, that may be all I need. I have a 1 gig business account, and I'm paying less than one hundred dollars a month for the first time in ages. I live in the country and pretty much have it all to myself. I can download a 60-gigabyte game from Steam in 10 or 15 minutes.

I just want to mention that I've gotten two new emails from Comcast or Xfinity today, one is obviously a scam from the same place and the other one I think is real, saying I get free HBO over the weekend.

I'm not going to click on anything in either of them.

Mike
 

dustymars

Well-Known Member
Mike, they are beginning to get the best of us. There may not be a sure-fire safe way to work a PC on the Net, even for the 'spirts. I ordered a bracelet for my wife for Christmas from Amazon that ended up made and shipped from China. I have a policy of not buying anything from China so I look real close at the ads to see where the items are shipped from. It is almost impossible to buy stuff not made in China, but I try, especially stuff made and shipped from China. Scrolling down 16 pages on the Amazon ad I finally found the chicken-scratching in Chinese that the item is made and shipped from China. Mad I be! At least on eBay one can almost. nearly seperate3 the China stuff form elsewhere. I try to not buy anything from the CCP. IMHO, we should nuke them. I am to0o old to participate in Civil War 2.0, but it is coming.
 

MikeHawthorne

Essential Member
Microsoft Community Contributor
Yes, I'm feeling, that I won't click on or replay to anything. I've been getting messages from all sorts of people who I know aren't really who they say. I think part of it is age. They see that you are 84 and they think this guy won't know what's going on.

I got another message from Comcast saying they were sending me a Xfinity Flex, I thought that it was another con and ignored it.
It just arrived by UPS.

I guess it's part of my new cheaper package.
I'm waiting to see my first bill and see if they really lowered my cost.
 

Neemobeer

Cloud Security Engineer
Staff member
Red Flags
  1. From address is not from real company domain or uses a consumer service like @live, @gmail etc
  2. Generic greeting or no greeting
  3. Bad spelling and/or grammar
  4. Hovering over links have strange URLs, domain squatting like mirc0soft.com instead of microsoft.com
  5. Sense of surprise, urgency or fear
  6. You were not expecting an email
 

dustymars

Well-Known Member
Speaking of getting old, I'm only 82 :), but I really messed up. I did a scan with SuperAntiMalware like usual and it tagged a malware in my registry. It was a false positive due to the File Explorer registry change, but it blew my Windows 11 startup all to hell. It took a while to see if it was actual Malware, but then on boot up it ran the diagnostics and got me into Windows reset. Yeah, back to factory setup. Guess it was okay since I had just made a backup disk and it only took a few hours to straighten things out. I hate backups, updates, upgrades and getting old.
 

Josephur

Windows Forum Admin
Staff member
Premium Supporter
Microsoft Certified Professional
Even after you change your password you need to login to the Comcast webmail page and make sure there are no rules the attacker left behind such as all incoming email gets copied to another address etc... I've seen this a lot.
 
Top