Skip to main content

    Support

    Offers

U
user_ud5t2r
1st Topic

2 Messages

Sunday, December 22nd, 2024 3:58 PM

Phishing Emails

Like a few other recent posts on this forum I am receiving about 80 - 100 Phishing emails a day. For those that think that this is just SPAM all of the emails that I am receiving ether have attachments that contain malicious code, or hyperlinks to fake websites designed to ether steal information or inject malicious code into my computer.

To combat this, I made some rules in Outlook that would separate out emails that did not have my actual email address in the "To" block and had an attachment. The rule then sent those emails as an attachment (to prevent malicious code injection at the source) to reportphishing@apwg.org. Then moved those same emails to the default Junk folder. This rule caught about 98% of the phishing attempts. There were a few others that would put my actual email address in the "CC" block, I made a sperate rule to catch those. 

Now to the problem, more than likely with Outlook on my end now dumping hundreds of infected emails to a the phishing report site, Xfinity filters are probably flagging me as a spammer or a zombie account as it is randomly sending me Non-Deliverable email reports and has made me randomly reset my password.   

I can go on ad-nauseam about all the other things wrong with this situation, but I have 2 relevant questions. 

  1. If your filters can identify that malicious code is in an attachment in an email, then why does it get delivered to my inbox anyway?
  2. If we can't report phishing to the authorities that might actually put these criminals in jail how are we supposed to keep our systems secure?  

Question

 • 

Updated 

4 months ago

221

2

0

plumld

Contributor

 • 

260 Messages

4 months ago

I've been in the same situation for the last four months, although I'm currently getting about 150+ phishing emails a day (4500+ per month). I have been reporting to three locations, abuse @ outlook.com (the source), abuse @ comcast.net and missed-spam @ comcast.net, all as attachments to preserve the header.

The ultimate in irony is that at least once a day, I receive a Non-Delivery Report from Comcast, reporting that "Your message was believed to contain questionable content, and therefore as not delivered to the intended recipients." This has been in response to not only sending them to abuse @ comcast.net, but also to abuse @ outlook.com! Imagine, sending a bunch of phishing emails that Comcast delivered to my Inbox, then sending a Non-Delivery Report to me when I return them to Comcast!

I'm feeling pretty sure that we'll never see the light of day. On top of this, you can't even replace your email address with a new one.

0

0

XfinityPaula

Official Employee

 • 

1.4K Messages

4 months ago

Hello user_ud5t2r. Thank you for sharing your experience with the spamming emails on our Xfinity forums. I'm sorry to read of your experience as well as our other customers. I know how much of a nuance they have become, and it seems like as soon I need to register a new account for something, the spam multiplies. How many messages would you say are usually forwarded daily to report the phishing? I know our customer security assurance team works hard to help keep our email and system safe. You can always contact them directly for help with the phishing and spam emails you are seeing. They will help make sure that the reports are getting to the right teams. 

3

0

plumld

Contributor

 • 

260 Messages

@XfinityPaula​ in my case I have reported every single one to both abuse, missed-spam, as well as flagging them. This is on average 120 - 150 phishing spams a day, an average of 4000 per month. Tell us again how CSA keeps us safe from this onslaught?????"?

Like

Reply

4 months ago

0

user_ud5t2r

2 Messages

@XfinityPaula​ 

As of right now no phishing emails are being sent to reporting since Xfinity is blocking me from reporting them. The rules that I have set in Outlook now just permanently delete e-mails caught in the filters I created above. Xfinity is still making me reset my password which screws up Outlook. Setting up similar filters in the webmail does not filter anything.  

I'm not sure of anyone's technical background that responds to customers in this forum, but I'm a DoD Cyber security professional, forcing customers to randomly reset passwords is bad since there are plenty of keyloggers out there that activate in your browser when they detect that you have gone to a password change website which is how real cybersecurity bad actors compromise systems.

Now if I was an SA on your systems, I could probably fix your filters in about 5 minutes. But last time I checked Comcast is a multibillion-dollar company. So your SA's should be way smarter and get paid way more money than me to deal with this issue.       

Like

Reply

4 months ago

0

XfinityDena

Official Employee

 • 

3.2K Messages

Thank you for that information @user_ud5t2r Did you report to our CSA team that your email is being blocked?

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

Like

Reply

4 months ago

0

forum icon

New to the Community?

Start Here