dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
720
share rss forum feed


Arathaen
Herding Cats
Premium
join:2001-08-06
Vancouver, WA

[E-mail] Phishing attempt

Good afternoon

I just received a phishing attempt looking for me to pay my Comcast HSI bill with an updated credit card. I'm wondering who I send this to within Comcast for investigation.

It was a very amateurish attempt as I can see who sent it and the link they provided doesn't work (thankfully for someone who may fall for it).
Correction, it does work

Here is the copy/paste of the email:

Dear COMCAST Member,

The credit card we have on file for your COMCAST Internet service was declined when we attempted to bill you on 10/08/2012 for your most recent service fees.
For this reason, your service could be suspended.
Please visit our Account Information pages, located at »info.bill.update.alzoam.from-ok.···ndex.php account. , and update your credit card information as soon as possible.

Once your credit card information is updated, you will be charged immediately, as soon as payment is received.

Thank you for your prompt attention to this matter. We look forward to continuing to serve you.

*************************
Account ID: 39530491173
E-mail ID: 69227311
Online Session PID: 3342
*************************
Sincerely,

COMCAST Customer Care

BQSQLLZGNWJRTJZVSSVOFBRJUKBOBNZSGHOEKO



JohnInSJ
Premium
join:2003-09-22
San Jose, CA

»xfinity.comcast.net/constantguar···rts#tab7
--
My place : »www.schettino.us



Arathaen
Herding Cats
Premium
join:2001-08-06
Vancouver, WA

Thank you


Stu Pidaso

join:2006-10-12
Greenwood, IN
kudos:2
reply to Arathaen

No need to report as it is already listed on their site.

»xfinity.comcast.net/constantguard/Alerts/



Sterling
IP Support Tier III
Premium
join:2003-05-30
Pittsburgh, PA

The link does dead because its already been block or removed at the hosting level, however feel free to send any future emails to abuse@comcast.net


mike34
Premium
join:2004-07-17
Central City, PA
reply to Arathaen

This feeble attempt seems to have been taken down as well:

»customer.comcast.com.gbhqv.est-m···cast.net



graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
kudos:1

Neither »info.bill.update.alzoam.from-ok.···ndex.php nor »customer.comcast.com.gbhqv.est-m···cast.net have been taken down as far as I can tell.

Both lead me to fake Comcast login pages.


mike34
Premium
join:2004-07-17
Central City, PA
reply to Sterling

said by Sterling:

The link does dead because its already been block or removed at the hosting level, however feel free to send any future emails to abuse@comcast.net

Not so. Every bogus login link mentioned in this thread is functioning and reachable as of 7:45 PM EST, including the one I posted as dead earlier.

Beware.


NetFixer
From my cold dead hands
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
·Comcast
reply to graysonf

said by graysonf:

Neither http://info.bill.update.alzoam.from-ok.com/cobill/index.php nor http://customer.comcast.com.gbhqv.est-mon-blogueur.com/combill/index.php?forceAuthn=1&continue=%2fSecure%2fHome.aspx&s=ccentral-cima&r=comcast.net have been taken down as far as I can tell.

Both lead me to fake Comcast login pages.

It might be a good idea to put the links above in <code></code> brackets (as I did in my quote above) to prevent the terminally stupid from clicking on them.

--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.


graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
kudos:1

The terminally stupid would then be forced to cut and paste them.



JohnInSJ
Premium
join:2003-09-22
San Jose, CA

1 recommendation

I reported both sites to Google's phishing site, which should at least get you a warning page if you google them...

»www.google.com/safebrowsing/repo···=mozilla
--
My place : »www.schettino.us



NetFixer
From my cold dead hands
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
·Comcast
reply to graysonf

said by graysonf:

The terminally stupid would then be forced to cut and paste them.

Yes, and that would remove any doubt as to who would be held responsible for their stupidity.

Sorry, but the network security guy who lives in my head, but still hasn't retired with the rest of me, sometimes just won't stop nagging me until I make posts like this.
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.


graysonf
Premium,MVM
join:1999-07-16
Fort Lauderdale, FL
kudos:1

Exactly