ASK921's profile

Regular Visitor

 • 

4 Messages

Sat, Dec 5, 2020 10:00 AM

Failure to process auto payment - Fotros.com

Hello,

I just received an very official looking email from My Account stating automatic payment failed. The body of the email states there were errors processing my recent payment and to ensure I do not have service interuption I should update my information immediately.  My bill is not due yet which made me suspicious. When I hover over the "Sign In and Update" link they provide I see it goes to a "Fotros.com/catalog/cms/ok/" link. The rest of the email is an exact copy of what xfinity sends out to customers with correct links. 

The suspicious differences I see in it are that it came from "My Account" and not "XFINITY My Account" and also the link to "Sign In and Update".      Is this a very good phishing email or is it actually xfinity generated?

Responses

Accepted Solution

BruceW

Gold Problem Solver

 • 

22.4K Messages

7 m ago

Comcast would not send an account update email with a "Fotros.com" link. That's a phishing email, a scammer attempt to steal login and account information. If you can check your email with Comcast's Xfinity Connect webmail, look for the XFINITY Verified Email logo next to any message that claims to be from Comcast/Xfinity (see https://www.xfinity.com/support/articles/comcast-verified-email).

 

If the logo is missing when you view the message in webmail, the message is not from Comcast. Unfortunately, AFAIK the logo is not present when you view one of their messages in an email app or program, not in even Comcast's own email app. It's only visible when you use their web email site.

Samples of recent phishing messages can be found at https://internetsecurity.xfinity.com/help/alerts/ under "Top Phishing Scams".

To report a scam email to Comcast, follow the "Report Spam and Phishing Emails" link on https://internetsecurity.xfinity.com/help/report-abuse/ and scroll down to the "Report Phishing Emails" section.

 

Regular Visitor

 • 

4 Messages

7 m ago

Thanks, I see what yoiu're saying about the verified logo on other account emails. I was unaware because I most often use an Outlook client. This was a well put together phish and is sure to ctch someone. I have reported it in hopes they can block others from getting it. Thanks BruceW.

New to the Community?

Start Here