Regular Visitor
•
7 Messages
Email hacked, secondary email address changed again
This is the second time this week! I received an email both times saying that my personal information has been changed on my account. I hadn't changed anything. When I logged in and checked my security settings my secondary email address was changed [Edited: "Personal Information"]. The code had not been verified. And I changed it to one of my email addresses and changed the password.
This had been happening a bunch of times to my account from October to December and then it stopped. Same sort of thing, changing the secondary email address or turning off 2FA. I have 2FA turned on on my account and all of the times that my security settings were changed, it never triggered the 2FA or showed any history of another IP address or computer accessing my account.
It seems pretty obvious that someone at comcast or a third party is accessing people's accounts through the back-end. Comcast has to do something about their security. This is getting to be unacceptable and telling me to change my password every time is not the answer, it's obvious they're not accessing my account via the password and 2FA.
flatlander3
Problem Solver
•
1.5K Messages
2 years ago
You're going to want to immediately unlink any Xfinity account you have with any other service or site. I'd consider them all burned from now on.
This isn't a question of "fixing security", [Edited: "Inflammatory"]
(edited)
0
eva_bee
Regular Visitor
•
7 Messages
2 years ago
Totally agree. It's quite apparent there's no security or concern for security. This might be the push I need to switch to FIOS, though I'm not sure they're any better when it comes to security.
0
0
user_227bae
Visitor
•
1 Message
2 years ago
This happened last night in our household. An email at 8p: "Changes made to your account." Legit from Comcast, and my husband also received the same email, so then I log in on the primary account, all looks okay...but the next morning, my husband cannot get into his email. Password not working on any devices. I log back in on my account, start looking at the family accounts, and see that under his, someone has created a second email address (to which we have no affiliation) that has the same very unique prefix as his own.
I then look up the suffix URL and it goes to a nefarious repository site that sets off my Malwarebytes ("reliablemailers", if you're curious) and I know this is a can of YUCK. I had comcast customer service remove it, although they couldnt explain how it got there nor did they share when, but given the timing of these events I'm betting it was last night with that one email ping from Comcast...
Something is rotten for sure. P-dubs refreshed uniquely all over!
(edited)
0
0
user_17dc31
Visitor
•
2 Messages
2 years ago
This happened to me three times today, first around 5am (fixed myself), again around 4pm (called Xfinity/Comcast Security, they fixed it), and the third time while I was actually on the phone with Security, minutes after the second fix! Security escalated my call immediately, and they have enabled multi-factor authentication (more secure than two-factor verification) and are putting a lock on my account that should restrict account access only to sign-ins (and sign-in attempts) from my home IP address.
Each time today was "reliablemailers" like yours.
This happened to me before and many other people as well late last year, same thing, but the fraudulent email domain was "yopmail". Those incidents were widespread, and besides being mentioned elsewhere in this forum, have several articles posted online if you search.
Hopefully these scaled-up security measures make a difference, and just as hopefully Xfinity can figure out how these "bad actors" are doing this and put a stop to them.
0
0
user_f2d319
Visitor
•
1 Message
2 years ago
As someone with much internet security experience. There's only a few ways you're likely to get hacked. Adult or p2p websites being most common; Using outdated passwords that were leaked in to public databases; phishing emails; someone who you allowed access in to your account either personally or you opened a malicious file that was sent to you.
Also, it is not a good idea to put your email address out there, for the world to see, registering on every website you can find, every store you can buy something from. Use your primary email for bills, maybe amazon, and people you know but anymore than that is too much. You need a secondary email account if you want to register on forums and miscellaneous sites, that have public data dumps and get hacked on a regular basis. This will also prevent you from receiving a lot of scam emails including phishing/fake Xfinity emails, as someone mentioned, it looks like that is what happened. So called "legit email" was NOT legit. Emails can be spoofed. Always look at the url when you click on links you may be skeptical of. URLs cannot be spoofed, they can look similar but not outright spoofed. Xfinity can only do so much here, you have to be aware of what you are doing.
(edited)
1
0
soulbringer
New Poster
•
6 Messages
2 years ago
Same thing is happening to me now. I tracked the IP. It's from California and they are using firefox browser. I wish there was a way to block that IP.
1
0
XfinityAdrienne
Official Employee
•
1.3K Messages
2 years ago
Hey there, I am very sorry to hear about the experience with your email! We would be happy to look into it with you! Please send us a private message with as much information as possible (pictures are helpful too, if you can), using the below instructions:
"Search for Xfinity Support" won't work. To send a "Peer to peer" / "Private chat message" message to Xfinity Support:
• Click "Sign In" if necessary
• Click the "Peer to peer chat" icon or https://comca.st/3wjbsKk
• Click the "New message" (pencil and paper) icon
• The "To:" line prompts you to "Type the name of a person". Instead, type "Xfinity Support" there
• - As you are typing a drop-down list appears. Select "Xfinity Support" from that list
• - An "Xfinity Support" graphic replaces the "To:" line
• Type your message in the text area near the bottom of the window
• Press Enter to send it
See https://comca.st/2Uwyujs for an example.
2
0
Chrissy15221
Contributor
•
183 Messages
2 years ago
A hacker may have changed it . They used a " privately circulated one-time password " , then added a secondary email address , changed your info , turned off 2FA , and reset the password .
I had to turn off 2FA in order to sign in to my email and change my email address & password .
* * * Here's something interesting … I log into this community with the new email address , though I can't have notifications sent to it ! I have to come to this website to check for messages , said that they can't change it , but the hacker was able to ? Additionally , I would forfeit all of my accomplishments here if I create another account .
There's a fellow over at customer service named Tom Karinshak who wants to know how Comcast / Xfinity is doing , has a webpage where you may submit your comments . I'm going to ask him if he can change my email address for this forum ?
Here's a link to the hacking article :
https://www.techradar.com/news/comcast-xfinity-accounts-are-being-attacked-in-2fa-bypass-attacks
0
0