Reproduced below is a copy of an Xfinity phishing email, sent to me by a Scamicide reader that uses the common ploy of indicating that there is a situation that requires your immediate attention. The version sent to the Scamicide reader contained the Comcast Xfinity logo, however it is a simple matter to counterfeit a company logo. There are a number of telltale flaws in this particular phishing email. The email address from which it is sent has no relation to Comcast Xfinity and is most likely the email address of someone whose email has been hijacked and made a part of a botnet used to spread phishing emails and malware. In addition, the email contains grammatical errors in the second sentence. Poor grammar is often found in phishing emails, many of which originate in country’s where English is not the primary language.
Here is the text of the phishing email.
From: “19.7 XFlNlTY” <lmeadave@comcast.net>
Date: July 31, 2019 at 5:37:35 PM EDT
To: xxxxxxx@comcast.net
Subject: Reminder: Account Closure
Reply-To: Iucho4@outlook.com
Dear Xfinity Customer,
Your Xfinity Mail-Box is outdated, You need to upgrade your Mail-Box to the newest XFlNlTY 19.7 now.
according to the provision 19.1 of terms and conditions, comcast may at anytime terminate it’s service for your Mail-Box
Update Here (Don’t click on this link)Thanks you for being a valued Comcast User.
Please do not reply to this email. Mail sent to this Address cannot be answer.
TIPS
Obviously if you do not have an account with Comast Xfinity you know that this is a phishing scam, but even if you do have an account with Comcast Xfinity, as I indicated above there are a number of indications that this is not a legitimate email, but instead is a phishing email. Legitimate companies would refer to your specific account number in the email. They also would specifically direct the email to you by your name instead of “Dear Xfinity Customer.”
As with all phishing emails, two things can happen if you click on the links provided. Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you may download keystroke logging malware that will steal all of your personal information from your computer or smartphone and use it to make you a victim of identity theft. If you receive an email like this and think it may possibly be legitimate, merely contact Comcast Xfinity at the telephone number that appears on your bill to confirm that it is a scam.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of www.scamicide.com and click on the tab that states “Sign up for this blog.”