Please be aware of a new scam targeting Comcast users. Comcast is the largest home ISP in the U.S. and it's no wonder they are a target. Other Internet Service Providers are likely to be attacked as well, so remember to "Think before you click".
Here is the triple-threat scam targeting Comcast users, which was discovered by Malwarebytes:
- Comcast has a search page called Xfinity that serves up lots of information. On this page is a malicious ad (served by Google) from "Sat TV Pro" which claims to compare Direct TV to Comcast TV. The user clicks and gets redirected to a compromised site which has an Exploit Kit (EK) running.
- The EK infects the workstation with ransomware and then redirects the user to a fake Xfinity site.
- The fake Xfinity site pops up a message saying it's from "Comcast's security plugin" and that the workstation is infected (which is correct; the bad guys just did that!) and that the user needs to call tech support. The toll-free number goes to scammers who will try to charge the user's credit card to "fix" the workstation.
This particular scam has been reported to Google and Comcast, but there will be other scams very similar to this one. The bad guys have whole campaigns stacked up with attacks like this.
More and more, legitimate-looking advertising served on major websites turns out to be malicious. Bad guys pay for and post ads that they hope you will click on. But if you click on those ads, you get redirected to a compromised website that infects your computer with ransomware and/or displays popups that claim your PC has a virus and you need to dial a toll-free number. If you call that number, it will be answered by scammers who claim they are from legitimate companies like Microsoft or Comcast, and will try to charge your credit card to fix your computer.
So, what to do? You need to stay vigilant at all times and "Think Before You Click":
- Don't click on links in emails; instead, type the URL of websites you want to visit directly into your browser search bar.
- Don't click on display ads on websites; instead go to the website you want to visit by typing its URL directly into your browser search bar.
- If you get popups that claim your computer has a virus and you need to dial a toll-free number, close your browser immediately without clicking on the popup.
Please visit our Fraud Prevention Center to learn more about protecting your personal information. We have designed this section of our website to give you information about protecting yourself from fraud and identity theft, and tips on how to protect your personal information. If you feel that you have been a victim of a scam or identity theft, please contact a Member Services Representative at 888-436-1847 or visit one of our branch offices.