Community Forum

Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?

Highlighted
New Poster

Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?

I received an email from xfinity@emails.xfinity.com today that asked me to click on a link to "Update your settings."  When I did, my browser presented me with the following message:

 

This Connection Is Not Private

This website may be impersonating “emails.xfinity.com” to steal your personal or financial information. You should go back to the previous page."

 

I did call Xfinity support and was told that they see no record of this email being sent out.  I have received other emails with this address (the updated Comcast Customer Privacy Policy was sent this way).   So, is this legit, or is someone phishing for Xfinity's customers' information?  If it's the former, then why is Xfinity sendoug out non-private links to its customers?

 

 

Highlighted
Expert

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?


@TomPMRI wrote:

I received an email from xfinity@emails.xfinity.com today that asked me to click on a link to "Update your settings."  When I did, my browser presented me with the following message:

 

This Connection Is Not Private

This website may be impersonating “emails.xfinity.com” to steal your personal or financial information. You should go back to the previous page."

 

I did call Xfinity support and was told that they see no record of this email being sent out.  I have received other emails with this address (the updated Comcast Customer Privacy Policy was sent this way).   So, is this legit, or is someone phishing for Xfinity's customers' information?  If it's the former, then why is Xfinity sendoug out non-private links to its customers?

 

 


It is not legitimate.  Whenever you get an email like this hover your mouse over the link and look in the lower left corner and you should see where the link points to.

 

To report this go to https://internetsecurity.xfinity.com/help/report-abuse/ and scroll down to the Report Spam and Phishing Emails tab.


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Highlighted
Regular Contributor

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?

I also received this email this evening.

 

Here is the text that is included in the email referred to above (bolding in the message is theirs, not mine):

 

From 9/24/2019–10/1/2019, we're making changes to improve security for Comcast.net email accounts.

As a result of these changes, you'll need to update your outgoing email server settings for the email address xxxxxxxxxxxxx@comcast.net to avoid compromising your customer login credentials when using a third-party email app such as Outlook.

If you do not update your settings your customer login credentials may be vulnerable to certain security issues. You'll also no longer be able to send emails through a third-party app.

These updates will only take a few minutes. Click below for step-by-step instructions.

 

Hovering over the 'Update your settings' button reveals a URL that looks like this:

 

(https://)  emails.xfinity.com/pub/cc?_ri_=(very long string of mixed charaters appended here)

 

The From address is:  xfinity@emails.xfinity.com

 

The Reply to address is: reply@emails.xfinity.com

Highlighted
Frequent Visitor

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?

I have the same question.  Got the same email today and immediately moved it to Spam.  But I am not sure.

Highlighted
Gold Problem Solver

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?


@ggeinec wrote: ... As a result of these changes, you'll need to update your outgoing email server settings ... (https://)  emails.xfinity.com/pub/cc?_ri_=(very long string of mixed charaters appended here) ... From address is:  xfinity@emails.xfinity.com ... Reply to address is: reply@emails.xfinity.com

That looks legitimate. If you can check the message in webmail, look for the Xfinity Verified logo -- see https://www.xfinity.com/support/articles/comcast-verified-email. Any legitimate email from Comcast/Xfinity should have the logo when viewed at https://connect.xfinity.com/.

Highlighted
Regular Contributor

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?


@BruceW wrote:

@ggeinec wrote: ... As a result of these changes, you'll need to update your outgoing email server settings ... (https://)  emails.xfinity.com/pub/cc?_ri_=(very long string of mixed charaters appended here) ... From address is:  xfinity@emails.xfinity.com ... Reply to address is: reply@emails.xfinity.com

That looks legitimate. If you can check the message in webmail, look for the Xfinity Verified logo -- see https://www.xfinity.com/support/articles/comcast-verified-email. Any legitimate email from Comcast/Xfinity should have the logo when viewed at https://connect.xfinity.com/.


Unfortunately my email client downloaded the message to my PC when I opened it a couple of days ago it no longer exists in my Comcast webmail inbox.

 

Isn't there someone at Comcast who can vouch for the legitimacy of this email? One would think with something like this that will affect a lot of users a lot of folks there would be aware of it.

 

Thanks!

Highlighted
Regular Contributor

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?

I got the same email last night. Is there a legit Xfinity person who can confirm one way or another???

Highlighted
Expert

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?


@stevetefft wrote:

I got the same email last night. Is there a legit Xfinity person who can confirm one way or another???


I did confirm it, but you know that now.


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Highlighted
Bronze Problem Solver

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?

Yes, these are legitimate.  We're asking users to ensure they are using secure connection methods when sending email using a third party client:

 

https://www.xfinity.com/support/articles/update-your-xfinity-email-settings

 

The URL has instructions for many common mail clients.


I am a Retired Official Comcast Employee and no longer actively support the Xfinity Forum.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark a post as the Best Answer!
Highlighted
Regular Contributor

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?

Thanks for your response.

 

And thanks for providing the direct link to the page with instructions for how to update our email settings.

 

We are conditioned that it is a good security practice to NEVER click on links in emails and to instead type in URLs that we know are legitimate.

 

Given that, I expect many of us would be more comfortable being told where we can go on the Comcast site to find instructions on how to update our email settings so we can login to the site knowing we are going to a legitimate page.

 

Would it be possible to include such instructions along with the button in future email messages of this type?

 

Thanks!

Bronze Problem Solver

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?

I can pass that request on to the folks that design these communications.


I am a Retired Official Comcast Employee and no longer actively support the Xfinity Forum.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark a post as the Best Answer!
Highlighted
Expert

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?


@CCAntiSpam wrote:

Yes, these are legitimate.  We're asking users to ensure they are using secure connection methods when sending email using a third party client:

 

https://www.xfinity.com/support/articles/update-your-xfinity-email-settings

 

The URL has instructions for many common mail clients.


Why would this email go out a full 10 months AFTER this change went into effect?

 

This post dated 10-10-2018 from @ComcastJessie notifies people here about this change.

 

I'm sorry, but this makes no sense.


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Highlighted
Bronze Problem Solver

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?

Sorry for the confusion. That action focused on IMAP/POP, this one is on SMTP. I know there's some overlap with the instructions.

I am a Retired Official Comcast Employee and no longer actively support the Xfinity Forum.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark a post as the Best Answer!
Highlighted
Expert

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?


@CCAntiSpam wrote:
Sorry for the confusion. That action focused on IMAP/POP, this one is on SMTP. I know there's some overlap with the instructions.

It should be posted an pinned here, then.  Smiley Wink


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Highlighted
New Poster

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?

Thanks--I've also received those emails but a search today of my Comcast.net online account did not show them and & I could find no info on the Xfinity site; I'm glad I was suspicious--will report & delete

Highlighted
Bronze Problem Solver

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?

@jgt_Sarasota These are legitimate, please read the whole thread.


I am a Retired Official Comcast Employee and no longer actively support the Xfinity Forum.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark a post as the Best Answer!
Highlighted
Gold Problem Solver

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?


@jgt_Sarasota wrote: ... I've also received those emails ...

As above, if you can check the message in webmail, look for the Xfinity Verified logo -- see https://www.xfinity.com/support/articles/comcast-verified-email. Any legitimate email from Comcast/Xfinity should have the logo when viewed at https://connect.xfinity.com/.

Highlighted
Frequent Visitor

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?

update 

Highlighted
Gold Problem Solver

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?


@dearbaby wrote: update 

Your message is unclear. What do you need help with?

Highlighted
New Poster

Re: Is the email "ACTION REQUIRED: update your comcast.net settings soon" Legit?

Thank you.  I received an email that was supposedly from action@comcast.net referencing sync problems, which I have been having. It even had error details. Hovered and saw a link that definitely was not Comcast.  Will be reporting.