HE

Visitor

 • 

1 Message

Thursday, June 15th, 2023 9:50 PM

Closed

EMAIL HACKED. CHANGED PASSWORD. CAN SEND EMAILS BUT NOT RECEIVING USUAL EMAILS.

My email was hacked by verifying what I thought was email update from Xfinity.  My bad!  I changed password but I no longer receive emails since the hack.  I can send and strangely enough receive an email from family member.  I deleted "Auto Forwarded "email not mine.  And checked email filters.  How do I get my email back and what can I do with the hacker's information that I have?  I have him in California, exact time of hack and his IP address.  

Problem Solver

 • 

1.5K Messages

2 years ago

Cheap advice?

Setup a drop email account somewhere else.  Protonmail, gmail, wherever.  For the paranoid(and the proper way), do this with a linux boot disk (doesn't touch your hard drive).  Download a usb image or dvd from ubuntu.com and burn it to flash or dvd.  Don't install, say "try ubuntu" and it won't touch your hard drive.

Any web account that uses your xfinity account for password recovery is burned, especially banking.  Change all those passwords using linux.  While you are in there, any two factor authentication using your phone too. Point them all at your new burner email account for password recovery.  Your phone number is burned as well.  Consider dumping it.

Now change the password on them all again by using the "forgot password" option using linux.  See if it works with your new burner account.  Now that you got the rest of the world straightened out, change Xfinity.  Change the 2-factor authentication to your new drop email, change the password on EVERY xfinity account you have with Xfinity.  Change your WiFi password.  Look for additional admin accounts that may have been added to your xfinity account on https://xfinity.com  besides the .forward email address.

Consider the Xfinity account burned from now on.  Never use it for anything important again -- there is a customer support credential leak problem by someone claiming to be you by phone, and getting somewhere with them by talking a good game because they have your account information, address and billing info.

 When you boot back to whatever you are using, run a "boot-time-virus-scan" if you have that option, or virus scan. 

Consider prepping for a bare metal recovery situation where you have to recover documents/photos/software using an external drive that contains a backup of what you think is important.  That includes install media for your OS.  Save it on an external drive.  DO NOT log into any account you just created from your compromised box.

For the paranoid again, blow away your current OS by reformating the hardrive.  Never trust a compromised machine.  Not a big deal to do this if you do regular backups -- which you should have all along.  Make sure you have license keys/account names/passwords for software you have installed.  When you load the OS, load an anti-virus program 1st, then run all the OS updates before loading ANYTHING else.

Good luck!

Official Employee

 • 

899 Messages

2 years ago

@h-elizabeth I'm going to DM you to get the email address/account that is having the problem.

As for providing that tracking information, that should be a call to our CSA department.

(edited)

Expert

 • 

31.4K Messages

@XfinityAlex@h-elizabeth 

Customer Security Assurance
Business Hours: 8:00am - 12:00am EST, 7 days a week  
Contact: 1-888-565-4329 

(edited)

I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.

Was your question answered? Please mark an Accepted Answer!tick

Problem Solver

 • 

513 Messages

2 years ago

Hi there, @hughes-elizabeth. Thank you for reaching out to us via our forums. May I ask if you are using a third-party app to check your emails?

1 Message

2 years ago

This just happened to me.  How did you track the hacker?

forum icon

New to the Community?

Start Here