The U.S. Secret Service is investigating a bogus electronic mail sent last
week that tried to lure Comcast Corp. high-speed cable-modem users into giving
up their account and password information.
The e-mail, made to look like an official Comcast service message, referred a
small number of customers to a Web site, where it asked them to enter their
e-mail address and password. While the Web site was a copy of Comcast's own
customer-service portal, it was hosted by another Internet-service provider,
according to Comcast spokeswoman Sarah Eder.
Comcast was alerted to the scam by a customer, who became suspicious after
receiving the e-mail and called the MSO for more information.
"Within 25 minutes, we shut it off," Eder said. "We worked with the ISP to
shut down that site, and then we went and pulled all of the [bogus] e-mail off
of our servers that was going to various customers."
The MSO then notified the Secret Service, which is investigating the
This isn't the first time such a scam has targeted Comcast users. Eder said
there was another incident in late November and it was "similar in scope." In
that case, Comcast also was able to shut down the site, she added.
Comcast does have a message on its Web portal warning customers to be wary of
giving out their account passwords.
"Part of our education effort around this is to tell customers that we never
request a password, and that if a customer is ever asked for their password,
they should be suspicious and they should notify Comcast," Eder