bill-swift - June 6, 2012
Cybercriminals are becoming increasingly resourceful with their new brand of scams. Aside from replicating existing homepages and sites, they're also paying closer attention to details that make their bogus web pages seem more authentic.
Researchers from security firm Sophos have recently intercepted a number of Comcast-themed phishing emails that are trying to steal the recipients' account and login information. This type of email scam is fairly uncommon, but what sets this apart from the rest is the fact that they lead to pages bearing TRUSTe seals.
The scam email tricks users into clicking a link included in the email message to update their respective accounts.
The Constant Guard™ service has updated the Online Security of Comcast Users. To link your account to our new update you just need to re-login your account using the secure link bellow. The link will redirect you to our update login page.
-- Comcast Phishing Email Contents
The link redirects to a compromised webpage of an India-based institution, which was hacked because of a FrontPage server extension vulnerability. The URL now hosts an identical copy of the Comcast XFINITY login page with a TRUSTe logo at the bottom that lends fake credibility to the site.
TRUSTe has since responded to the issue, explaining that they were working to resolve the situation as quickly as possible to protect their brand and any involved users.
TRUSTe initiated its escalation process to have the site shut down. As an added precaution, TRUSTe has identified some security changes which it is implementing to prevent the launch of a Privacy Validation Page linked to the un-authorized use of the Privacy Seal.
-- TRUSTe Statement
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.