Skip to main content

    Support

    Offers

U
user_70ef59
1st Topic

Visitor

 • 

16 Messages

Tuesday, August 23rd, 2022 3:42 AM

Closed

How determine if XFINITY encrypted network is legitimate or if network name s being spoofed

I have often used the XfinityWiFi network when I am away from my home network, and I am aware that XfinityWiFi is an open, unencrypted network.  I recently found out about the XFINITY network which is encrypted and therefore safer than XfinityWiFi.  My question is:

How do I determine if the XFINITY network I am signing on to is a legitimate Xfinity encrypted network or if someone is spoofing the network name?  When I used the unencrypted network it didn’t matter if someone was spoofing the network name since I never entered passwords or sensitive information, but if someone is spoofing the encrypted network name they would get my Xfinity password when I signed on … and, of course, also any other passwords or sensitive data I entered after signing on.  Or am I misunderstanding how the XFINITY encrypted network functions?

Question

 • 

Updated 

3 years ago

1.4K

4

0

CCRenee

New Problem Solver

 • 

169 Messages

3 years ago

Great question! One of the great things about being connected to the XFINITY network is once you sign in, your device will automatically remember the details and not prompt you to reenter your password and details for privacy reasons. I always advise customers about staying safe when using open networks but if unsure of possible spoofs or if you think you may have been exposed to any cyber issues, we have you covered by recommending you speak with our Customer Security Assurance (CSA) team. Their website is https://comca.st/3cbu1Mo, and they can be reached 1-888-565-4329. 

4

0

user_70ef59

Visitor

 • 

16 Messages

@XfinityRenee​ Thanks.  That makes me feel better about the second and subsequent times I log in to the XFINITY encrypted network … but what about the very first time?  Should I go to my neighborhood Xfinity store (assuming that all of your stores have the XFINITY network) and sign in there?

Also, it sounds like there’s some sort of “secret handshake” protocol between my phone and the XFINITY network on 2nd and subsequent logins so that it won’t connect me to just any old network named XFINITY.  If so then I’ll feel protected after my first login to a verified, guaranteed legitimate, XFINITY network.

Please keep in mind that I’ll be logging in from my Safari browser and not from any sort of Xfinity app.

(edited)

3 years ago

0

CCBrandon1

Problem Solver

 • 

770 Messages

That is a great question. You can use any XFINITY network to sign in, and you can use the Hot Spot app to see what ones are the public networks. If you feel more secure doing at a Xfinity retail location, that is fine too.

Comcast is committed to making your WiFi experience as fast, fun and safe as possible.

Secure Xfinity WiFi (XFINITY) encrypts the traffic passing between a user's device and the hotspot. The encryption continuously scrambles and decodes the traffic, helping to protect users from the risk of wireless eavesdropping. 👍

I no longer work for Comcast.

3 years ago

0

user_70ef59

Visitor

 • 

16 Messages

I think I WILL go to my Xfinity store the first time.  Otherwise there’s a small-but-non-zero danger of logging on to some scammer’s network that they named XFINITY.  

apparently when I hit the reply button it takes away my ability to mark this as “answer accepted,” so if you have the ability to mark it so, please do.  Thanks very much for your help and yourSPEEDY responses!

3 years ago

0

CCJosh

New Problem Solver

 • 

452 Messages

Sounds like a plan, @user_70ef59. I signed in to the network at an Xfinity Service Center myself while being assisted by some awesome experts at the location. Thank you again for taking the time to post here and have an awesome rest of your day! 

I no longer work for Comcast.

3 years ago

0

EG

Expert

 • 

110K Messages

3 years ago

The concern is not "Xfinity Home Security / Devices And Equipment" help related.................... Thread moved here to the proper help section for assistance. 

0

0

NoNoBadPuppy

Problem Solver

 • 

543 Messages

3 years ago

You could run a tracert from an elevated command prompt to the URL you are wanting to connect to.  That should give you enough information to determine if it is legitimate or not. 

1

0

user_70ef59

Visitor

 • 

16 Messages

@NoNoBadPuppy​ I appreciate you taking the time to try to help me.  However, after looking up the tracert command and ‘elevated command prompt’, I’m not sure they’ll accomplish what I want.

First of all, I’ll be doing this on an iPhone, and from what I’ve read the elevated command prompt only functions on Windows.  Is there an iOS equivalent?  But secondly, I'm not trying to determine if a website is real or spoofed; I’m trying to determine if a particular instance of a network named XFINITY is real or spoofed.  From the little I’ve read it doesn’t sound to me as though the tracert command will do that.  Thanks for whatever additional information you can give me.

3 years ago

0

flatlander3

Problem Solver

 • 

1.5K Messages

3 years ago

@user_70ef59  The truth?  If you join ANY hotspot, then are authenticating via captive portal ANYTHING, you are broadcasting your user credentials and it is going to be a risk if someone has stomped on the SSID for this purpose, and presented a login page for you to do it.

The advice is you don't use a public network that uses captive portal authentication in a web browser.  The exception is something like a hotel room that uses a room number or some other identifier that isn't part of any account/credentials or email address you use.  The recommendation in that case is after you join, fire up a VPN connection to a server that pushes a route and redirects ALL traffic through the VPN.  That is done on the server configuration side (redirect-gateway df1 or similar push route).  You are going to want to fire up a VPN connection on ALL other public networks too.  Either your server, or someone you trust.

How do you test that your traffic is routed through the vpn?  Go to a "what's my IP address" website and see what it says.  It should return the VPN server's ip address or it's external gateway IP address on that network.

(edited)

0

0

forum icon

New to the Community?

Start Here