If you need to change your password, it should give you a notice.

careful. These hacker-phishing types make life miserable sometimes. Opportunistic jerks with nothing to do while still at home. No job, no future...nothing!

Seems suspicious to me.

Best to ignore.

I just never click on links in email (with the exception of email that I'm expecting confirming a newly setup 2-factor authentication).

If you want to be sure, there's "some way" of looking at all the headers in an email .. and with practice .. you can have some fun figuring out that your mail from "comcast" really came from China or Russia. Just how to see all the headers is specific to the email reader you are using. On the Mac there is "View / Message / All headers" command. I assume there's something equivalent in all email readers.

There's also (in almost every reader) a way to look closely at a link in an email and see where it would actually take you if you were to click on it.

E.g. a link in email from Comcast "should" take you to some site that ends with ".comcast.com" ... and if not you can be pretty sure it's a phishing attack.

And yeah, any time you get a 'password needs to be reset' email, 99.9999999999% of the time it's phishing.

Here are some lines

X-Ms-Exchange-Crosstenant-Originalarrivaltime: ⁨03 Feb 2022 13:27:35.6395 (UTC)⁩
X-Originatororg: ⁨de.pr.gov⁩
X-Xfinity-Vmeta: ⁨sc=0.00;st=legit⁩
X-Ms-Exchange-Antispam-Relay: ⁨0⁩
X-Forefront-Antispam-Report: ⁨CIP:255.255.255.255;CTRY:;LANG:en;SCL:

and

X-Ms-Exchange-Transport-Crosstenantheadersstamped: ⁨CY4PR06MB2901⁩
Authentication-Results: ⁨resimta-a1p-087407.sys.comcast.net; dkim=pass header.d=de.pr.gov header.b=T2G5RNmu⁩
Authentication-Results: ⁨dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=de.pr.gov;⁩

and

X-Comcast-Smtp-Spoor: ⁨http://de.pr.gov http://mail-

Received: ⁨from PH0PR06MB8633.namprd06.prod.outlook.com (2603:10b6:510:11c::6) by CY4PR06MB2901.namprd06.prod.outlook.com (2603:10b6 03:134::19) with Microsoft SMTP

(I do not use Outlook)

and

X-Caa-Spam: ⁨F00000

Yes, will ignore and will hope that in five days my access will not be blocked..

Fyi de.pr.gov⁩ is the department of education in Puerto Rico. Not a lot of reasons for Comcast to be sending email through them

I pay the most attention to the "Received: ⁨from" lines ... with some work you can trace where the message originated and how it got to your email server. It helps to be able to use a tool to convert between IP addresses and hostnames. There's usually some badly-configured email server that lets anyone (e.g. spammers) ask it to relay email for them.

You do not get notified that way of passwords expiring. You get warnings when you actually try to log in. If the date passes... Say it expired on Monday and you go try to log in today... Or even six months from now, it will take you to a page to update. You do not just lose access.

It's bound to be bogus. Here are examples of scam emails pretending to be from Comcast: https://forums.xfinity.com/conversations/internet/answered-comcast-email-phish-or-legit-how-to-tell-and-rules-for-posting-about-your-mail/602da481c5375f08cd7fbd7b