Skip to main content

    Support

    Offers

U
user_00yfvs
1st Topic

2 Messages

Tuesday, October 10th, 2023 5:06 PM

Closed

Disable ability to reset password by being called with an automated message

A month ago, someone managed to hack my comcast email by exploiting a feature that comcast has where it will call you via an automated message and give you a PIN code to reset your email. The automated message was left on my cellphone voicemail, which the hackers then managed to access. They then were able to hijack my Microsoft account and a couple of others with poorly thought through 2FA. I called comcast to explain this exploit and see if I can disable it and basically got someone who either didn’t seem to understand the issue or was trying to game me, asking personal questions and wanting me to verify a pin that “no Comcast Representative will ask for”. I need to speak to a human, preferably someone in the US, that is with Comcast InfoSec. 

Question

 • 

Updated 

2 years ago

491

1

0

XfinityAirelle

Official Employee

 • 

2.6K Messages

2 years ago

@user_00yfvs  Hi there! Thanks for taking the time to reach out. Our awesome team will be happy to assist. This would be an issue that our Customer Security Assurance team can help you with. You can reach them here: https://internetsecurity.xfinity.com/help/report-abuse 

 

Please let us know if you have additional questions! 

1

0

user_00yfvs

2 Messages

The person I spoke with (at least that's what I was told) was on your Security Assurance team.  This is the person who proceeded to ask for the code texted to me.  Within that text, it very clearly states "Comcast will never request this code."

After I told him I would not give him that code, he then asked for my social security number.

My internal scam alarm went off and I hung up the phone.

This is a global issue with your service.  This isn't just a me problem.

Seriously.  You need to take a hard look at your security.

Unfortunately I believe my best solution is to begin to migrate everything away from my Comcast email.  An email I've used since you guys were AT&T.  We're probably talking 20 years.

This [Edited: "Language"].

(edited)

2 years ago

0

forum icon

New to the Community?

Start Here