said by sgdoerfler:Generate a unique "authenticity code" for each customer. Print it in every bill. ("Your authenticity code is 987654321. All online messages from Comcast will use your code. Emails and popups that claim to be from Comcast but don't have your unique authenticity code number are forgeries.")
Then the message could say "To confirm this message is really from Comcast, it uses this authenticity code which is printed in your monthly bill: 987654321"
This technique also works to prove that emails or other online communications are really from the company they say they're from, any time there's a known-legit printed bill the customer can refer to.
The unique code could be a random number generated for each customer, or to save space, algorithmically generated. (For instance, combine the customer's account number with some secret key text Comcast makes up, then run a message digest function on the result. As long as Comcast keeps the secret key safe, no hacker can know a customer's unique authenticity code without intercepting a prior communication.)
Another good idea. A take on this might be to somehow incorporate the billing / acct ID # from your bill.
