More and more, legitimate-looking advertising served on major websites turns out to be malicious. Cybercriminals pay for and post ads that they hope you will click on. If you click on a malicious ad, you are redirected to a compromised website that may infect your computer and/or display pop-ups claiming your PC has a virus, along with a toll-free number for “Tech Support” who will “fix” your PC but really just want your credit card information.
Comcast is the largest ISP in the U.S. and has thousands of business users. This makes its customers a prime target for a social engineering attack by cybercriminals.
Threat #1: Malicious Ad
Comcast has a search page called Xfinity that handles a very large volume of searches. On this page is a malicious ad (served by Google) from “Sat TV Pro” which claims to compare Direct TV to Comcast TV. If you click on the ad, you are redirected to a compromised site running an Exploit Kit (EK).
Threat #2: Infection
The EK first infects the workstation with ransomware, then redirects the browser to a fake Xfinity site.
Threat #3: Extortion
The fake Xfinity site pops up a message allegedly from “Comcast’s security plugin”. The message states that the workstation is infected (which is correct, because they just did it!) and that the user needs to call “tech support” at a toll-free number they provide. If you call that number, you reach fake “Tech Support”: scammers who try to get your credit card information to “fix” the PC.
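The chain described in Threats #1 to #3 (search page, ad network, compromised site, fake “Xfinity” page) leaves a trail in an organisation’s web proxy logs. The script below is an added example, not part of the original alert and not Comcast’s or Google’s code: it flags requests to hosts that reuse a brand name (“xfinity”, “comcast”) without belonging to an assumed allowlist of legitimate domains, then walks the referer headers backwards to reconstruct how the workstation got there. The log lines and every hostname ending in `.test` are constructed for illustration, and the allowlist is an assumption; a real deployment would load the brand’s published domain list and use the Public Suffix List rather than the two-label shortcut used here.

```python
"""Flag proxy-log requests to brand-impersonating hosts and rebuild the redirect chain.

Added example, not code from the original alert. Log lines, .test hostnames
and the allowlist below are constructed/assumed for illustration.
"""
from urllib.parse import urlsplit

# Brand tokens an attacker is likely to reuse in a lookalike hostname.
BRAND_TOKENS = ("xfinity", "comcast")

# Registrable domains that legitimately use those tokens (assumed allowlist).
LEGIT_DOMAINS = {"xfinity.com", "comcast.com", "comcast.net"}

# Constructed proxy log: "<time> <client_ip> <referer or -> <url>" per line.
SAMPLE_LOG = """\
10:01:02 10.0.0.5 - http://search.xfinity.com/?q=cable
10:01:09 10.0.0.5 http://search.xfinity.com/ http://ad.example-network.test/click?id=1
10:01:10 10.0.0.5 http://ad.example-network.test/ http://sat-tv-promo.test/compare.html
10:01:14 10.0.0.5 http://sat-tv-promo.test/ http://xfinity-security-alert.test/warn.php
10:02:30 10.0.0.7 - https://www.comcast.net/
10:02:31 10.0.0.7 - http://comcast.net.support-center.test/virus
"""


def registrable_domain(host: str) -> str:
    """Last two labels of a hostname (adequate for .com/.net; use the
    Public Suffix List in production)."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def is_lookalike(host: str) -> bool:
    """True when the host reuses a brand token but is not a legitimate brand domain.
    Catches both 'xfinity-security-alert.test' and 'comcast.net.evil.test'."""
    host = host.lower()
    if registrable_domain(host) in LEGIT_DOMAINS:
        return False
    return any(token in host for token in BRAND_TOKENS)


def parse_line(line: str):
    """Split one constructed log line into (time, client, referer, url)."""
    time, client, referer, url = line.split(maxsplit=3)
    return time, client, referer, url


def _host(url: str):
    return urlsplit(url).hostname if url != "-" else None


def find_lookalike_hits(log_text: str):
    """Return one dict per request whose destination host impersonates the brand."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        time, client, referer, url = parse_line(line)
        host = _host(url) or ""
        if is_lookalike(host):
            hits.append({"time": time, "client": client,
                         "host": host, "referer": _host(referer)})
    return hits


def redirect_chain(log_text: str, client: str, final_host: str):
    """Walk referers backwards from final_host for one client, oldest hop first.
    Stops at a request with no referer or when a host repeats (loop guard)."""
    visits = []  # (host, referer_host) in log order for this client
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _, c, referer, url = parse_line(line)
        if c == client:
            visits.append((_host(url) or "", _host(referer)))
    chain, seen, current = [final_host], {final_host}, final_host
    while True:
        ref = next((r for h, r in reversed(visits) if h == current), None)
        if ref is None or ref in seen:
            break
        chain.append(ref)
        seen.add(ref)
        current = ref
    return list(reversed(chain))


if __name__ == "__main__":
    for hit in find_lookalike_hits(SAMPLE_LOG):
        print(hit, "via", " -> ".join(redirect_chain(SAMPLE_LOG, hit["client"], hit["host"])))
```

In the constructed sample, client 10.0.0.5 is flagged at the fake alert page and the chain resolves to `search.xfinity.com -> ad.example-network.test -> sat-tv-promo.test -> xfinity-security-alert.test`, which is exactly the ad-to-EK-to-fake-page path the alert describes; the legitimate `www.comcast.net` visit is not flagged.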
How to Avoid This Scam
- Keep your operating system, browser and browser plugins patched. Exploit kits rely on known security holes that a patch already exists for.
- Use supported, up-to-date software. Old versions may be cheaper and “familiar”, but once the manufacturer stops supporting them it no longer releases security patches for known holes. This leaves that computer, and any other computer on your network, vulnerable.
- Do not click on any suspicious ads or links (in ads or in emails).
- Do not open emails or click on links from unknown senders.
- Do not open emails or click on links from “uncharacteristic” emails from known senders. Example – it’s unlikely that the CEO of your company, or your Great-Aunt Freda, would send you penis-enlargement information.
- Make sure staff and employees know about current security alerts. Not sure what they are? Visit our ALERTS page to find out!
- Provide Security Awareness Training for your employees.
Not sure if your company is safe? Ask us for a FREE Network Security Assessment!
Check out our “Email Red Flags” for what to watch for in suspicious emails.