New Poster
•
2 Messages
Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?
I received an email from xfinity@emails.xfinity.com today that asked me to click on a link to "Update your settings." When I did, my browser presented me with the following message:
This Connection Is Not Private
This website may be impersonating “emails.xfinity.com” to steal your personal or financial information. You should go back to the previous page."
I did call Xfinity support and was told that they see no record of this email being sent out. I have received other emails with this address (the updated Comcast Customer Privacy Policy was sent this way). So, is this legit, or is someone phishing for Xfinity's customers' information? If it's the former, then why is Xfinity sendoug out non-private links to its customers?
Accepted Solution
BruceW
Gold Problem Solver
•
25.5K Messages
5 years ago
That looks legitimate. If you can check the message in webmail, look for the Xfinity Verified logo -- see https://www.xfinity.com/support/articles/comcast-verified-email. Any legitimate email from Comcast/Xfinity should have the logo when viewed at https://connect.xfinity.com/.
0
0
Again
Expert
•
30.4K Messages
5 years ago
It is not legitimate. Whenever you get an email like this hover your mouse over the link and look in the lower left corner and you should see where the link points to.
To report this go to https://internetsecurity.xfinity.com/help/report-abuse/ and scroll down to the Report Spam and Phishing Emails tab.
0
ggeinec
Contributor
•
213 Messages
5 years ago
I also received this email this evening.
Here is the text that is included in the email referred to above (bolding in the message is theirs, not mine):
From 9/24/2019–10/1/2019, we're making changes to improve security for Comcast.net email accounts.
As a result of these changes, you'll need to update your outgoing email server settings for the email address xxxxxxxxxxxxx@comcast.net to avoid compromising your customer login credentials when using a third-party email app such as Outlook.
If you do not update your settings your customer login credentials may be vulnerable to certain security issues. You'll also no longer be able to send emails through a third-party app.
These updates will only take a few minutes. Click below for step-by-step instructions.
Hovering over the 'Update your settings' button reveals a URL that looks like this:
(https://) emails.xfinity.com/pub/cc?_ri_=(very long string of mixed charaters appended here)
The From address is: xfinity@emails.xfinity.com
The Reply to address is: reply@emails.xfinity.com
0
0
thebw
Frequent Visitor
•
12 Messages
5 years ago
I have the same question. Got the same email today and immediately moved it to Spam. But I am not sure.
0
0
stevetefft
Contributor
•
103 Messages
5 years ago
I got the same email last night. Is there a legit Xfinity person who can confirm one way or another???
0
0
ggeinec
Contributor
•
213 Messages
5 years ago
Unfortunately my email client downloaded the message to my PC when I opened it a couple of days ago it no longer exists in my Comcast webmail inbox.
Isn't there someone at Comcast who can vouch for the legitimacy of this email? One would think with something like this that will affect a lot of users a lot of folks there would be aware of it.
Thanks!
0
0
Again
Expert
•
30.4K Messages
5 years ago
I did confirm it, but you know that now.
0
0
CCAntiSpam
Gold Problem Solver
•
1.9K Messages
5 years ago
Yes, these are legitimate. We're asking users to ensure they are using secure connection methods when sending email using a third party client:
https://www.xfinity.com/support/articles/update-your-xfinity-email-settings
The URL has instructions for many common mail clients.
0
0
CCAntiSpam
Gold Problem Solver
•
1.9K Messages
5 years ago
I can pass that request on to the folks that design these communications.
0
ggeinec
Contributor
•
213 Messages
5 years ago
Thanks for your response.
And thanks for providing the direct link to the page with instructions for how to update our email settings.
We are conditioned that it is a good security practice to NEVER click on links in emails and to instead type in URLs that we know are legitimate.
Given that, I expect many of us would be more comfortable being told where we can go on the Comcast site to find instructions on how to update our email settings so we can login to the site knowing we are going to a legitimate page.
Would it be possible to include such instructions along with the button in future email messages of this type?
Thanks!
0
Again
Expert
•
30.4K Messages
5 years ago
Why would this email go out a full 10 months AFTER this change went into effect?
This post dated 10-10-2018 from @ComcastJessie notifies people here about this change.
I'm sorry, but this makes no sense.
0
CCAntiSpam
Gold Problem Solver
•
1.9K Messages
5 years ago
0
Again
Expert
•
30.4K Messages
5 years ago
It should be posted an pinned here, then.
0
jgt_Sarasota
New Poster
•
3 Messages
5 years ago
Thanks--I've also received those emails but a search today of my Comcast.net online account did not show them and & I could find no info on the Xfinity site; I'm glad I was suspicious--will report & delete
0
0
CCAntiSpam
Gold Problem Solver
•
1.9K Messages
5 years ago
@jgt_Sarasota These are legitimate, please read the whole thread.
0
0