The DU Lounge
Related: Culture Forums, Support ForumsAnyone uses Comcast?
I received an email alerting me that my password would expire in 5 days, but there is an option to click to keep the same one.
I want to make sure that this is not phishing and tried, in vain, to call Comcast. The robot "concluded" that the modem needed rebooting. It did not but for a few minutes I was not connected..
Any suggestions?
Thanks
hlthe2b
(102,122 posts)If you need to change your password, it should give you a notice.
question everything
(47,434 posts)Akoto
(4,266 posts)question everything
(47,434 posts)llashram
(6,265 posts)careful. These hacker-phishing types make life miserable sometimes. Opportunistic jerks with nothing to do while still at home. No job, no future...nothing!
RandiFan1290
(6,221 posts)Seems suspicious to me.
Best to ignore.
lisa58
(5,755 posts)CloudWatcher
(1,845 posts)I just never click on links in email (with the exception of email that I'm expecting confirming a newly setup 2-factor authentication).
If you want to be sure, there's "some way" of looking at all the headers in an email .. and with practice .. you can have some fun figuring out that your mail from "comcast" really came from China or Russia. Just how to see all the headers is specific to the email reader you are using. On the Mac there is "View / Message / All headers" command. I assume there's something equivalent in all email readers.
There's also (in almost every reader) a way to look closely at a link in an email and see where it would actually take you if you were to click on it.
E.g. a link in email from Comcast "should" take you to some site that ends with ".comcast.com" ... and if not you can be pretty sure it's a phishing attack.
And yeah, any time you get a 'password needs to be reset' email, 99.9999999999% of the time it's phishing.
question everything
(47,434 posts)Here are some lines
X-Ms-Exchange-Crosstenant-Originalarrivaltime: 03 Feb 2022 13:27:35.6395 (UTC)
X-Originatororg: de.pr.gov
X-Xfinity-Vmeta: sc=0.00;st=legit
X-Ms-Exchange-Antispam-Relay: 0
X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:
and
X-Ms-Exchange-Transport-Crosstenantheadersstamped: CY4PR06MB2901
Authentication-Results: resimta-a1p-087407.sys.comcast.net; dkim=pass header.d=de.pr.gov header.b=T2G5RNmu
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=de.pr.gov;
and
X-Comcast-Smtp-Spoor: http://de.pr.gov http://mail-
Received: from PH0PR06MB8633.namprd06.prod.outlook.com (2603:10b6:510:11c::6) by CY4PR06MB2901.namprd06.prod.outlook.com (2603:10b6 03:134::19) with Microsoft SMTP
(I do not use Outlook)
and
X-Caa-Spam: F00000
Yes, will ignore and will hope that in five days my access will not be blocked..
CloudWatcher
(1,845 posts)Fyi de.pr.gov is the department of education in Puerto Rico. Not a lot of reasons for Comcast to be sending email through them
I pay the most attention to the "Received: from" lines ... with some work you can trace where the message originated and how it got to your email server. It helps to be able to use a tool to convert between IP addresses and hostnames. There's usually some badly-configured email server that lets anyone (e.g. spammers) ask it to relay email for them.
Ohio Joe
(21,727 posts)You do not get notified that way of passwords expiring. You get warnings when you actually try to log in. If the date passes... Say it expired on Monday and you go try to log in today... Or even six months from now, it will take you to a page to update. You do not just lose access.
question everything
(47,434 posts)Ocelot II
(115,587 posts)It's bound to be bogus. Here are examples of scam emails pretending to be from Comcast: https://forums.xfinity.com/conversations/internet/answered-comcast-email-phish-or-legit-how-to-tell-and-rules-for-posting-about-your-mail/602da481c5375f08cd7fbd7b