Reminders that scammers and hackers are clever

  • Thread starter Thread starter berkeman
  • Start date Start date
  • Tags Tags
    hackers
AI Thread Summary
A recent experience highlighted the dangers of phishing scams, particularly through text messages. A user received a seemingly legitimate message from Xfinity about upgrading their cable modem, which included a link for more information. They wisely refrained from clicking the link and opted to check their Xfinity account directly. Subsequent messages claimed that equipment had shipped and been delivered, raising suspicion when no package arrived. The situation escalated when the user discovered that their cell phone provider had blocked all texts from Xfinity, likely due to the scammer spoofing Xfinity's domain. This incident underscores the importance of not clicking on links in unsolicited messages and instead verifying information through official channels. Additionally, discussions revealed other scams, including a fraudulent Patagonia website that misled a user into making a purchase, emphasizing the need for vigilance against online scams. Overall, the key takeaway is to remain cautious and verify communications independently to avoid falling victim to scams.
berkeman
Admin
Messages
69,099
Reaction score
23,978
I managed to avoid a scam/hack over the last couple of days, but it was close. It might be good if we post similar hacks that we've avoided, in order to remind others of things to watch out for.

I received a text a couple days ago from Xfinity (who we use at home for Internet and TV) saying that if we wanted to keep using Xfinity On Demand, we needed to upgrade our cable modem, and the new equipment would be provided free of charge (not that strange, since my wife does use that service and we are long-time users of Xfinity). The text had a link to click for more information.

Of course I didn't click the link yet, even though the text looked totally valid. I mentioned it to my wife, and mentioned that I'd check our online Xfinity account to see if it also mentioned this issue in our messages.

A day later before I could check our online account, I got another text from Xfinity saying that the equipment had shipped (WITW), and would be delivered the next day. The next day I got another text saying that the equipment had been delivered, and "Let's get started!"

I checked all the normal delivery places (porch, mailbox, etc.), and no joy, so that increased my suspicion even more. I had an issue with the real Xfinity website over the past couple of days trying to pay our bill using 2-factor authentication, but their texts with the authentication numbers weren't coming through...

So in the final analysis, it looks like this scammer using the Xfinity source domain (spoofed) had caused my cell phone company to block all texts from Xfinity, including valid ones. It took several hours online with my cell phone provider to straighten this out, and give me access to the Xfinity texts again (at which point I got like 20 queued up texts from them).

So the familiar lesson from this is don't click on a link in an e-mail or text, even if it looks like a valid source. Go to their trusted website independently to look for the same information. Lordy.
 
Last edited:
  • Like
  • Informative
  • Wow
Likes dlgoff, jtbell, Wrichik Basu and 6 others
Computer science news on Phys.org
berkeman said:
So the familar lesson from this is don't click on a link in an e-mail or text, even if it looks like a valid source. Go to their trusted website independently to look for the same information.
That is a good takeaway from your experience.
Good job in avoiding the scam! I am very cautious and maybe even paranoid, but I still am afraid that I will fall for something when I get too old to catch on.

I'm not sure why your two-factor authentication did not protect your Xfinity account. It sounds like the scammers pretended to be Xfinity to your cell phone service and had them block all the Xfinity two-factor verification code messages. Did the phone service fall for that? Weren't they suspicious that Xfinity seemed to be wanting to block their own messages?
 
The scam we ran into a couple of years ago was a bogus Patagonia website. My wife was looking for bargains and this site popped up with some really good deals. She ordered some items and upon placing the order using PayPal realized that something was amiss as it said payment went to some dude in China.

We called PayPal to stop payment but because she used a guest account we couldn’t stop it. PayPal customer service failed to resolve it passing it from agent to agent each asking for the same info several times and then said it’s too late now, work with your CC company. We went to the backing charge card company and stopped payment and filed a report.

The CC company contacted the seller who claimed the product was shipped and that they had proof. We received nothing and we’re stunned by what transpired.

The seller in China had setup up a clone of the Patagonia website. There were some telltale things like misspellings and grammar in spots. One thing stood out for me though they had a statement saying literally “we are anti-racist company” on the bottom of their about the company page.

The seller would drop ship a CrackerJack toy coin from a NJ warehouse to get the needed “proof” of sending the item. The billing invoice we got after purchase didn’t have the items listed explicitly. The credit card company took all this as proof that we bought something and received it. The seller was careful to keep the purchase under $100 to avoid USPS wire fraud charges.

However, I had captured the website and related items showing it to be fake. The website disappeared shortly thereafter and I found other users scammed the same way on PayPal’s community forums. The credit card company finally agreed and reversed the charges although I suspect they took a hit instead.
 
FactChecker said:
I'm not sure why your two-factor authentication did not protect your Xfinity account. It sounds like the scammers pretended to be Xfinity to your cell phone service and had them block all the Xfinity two-factor verification code messages. Did the phone service fall for that? Weren't they suspicious that Xfinity seemed to be wanting to block their own messages?
I'm not exactly sure what happened, but I think because the scammer sent the initial text to my phone, Verizon must have detected that it was spam/scam and blocked the Xfinity domain from sending me any more texts. That had the effect of me not getting my 2-factor authentication number when I tried to pay my monthly bill, and also had side effects blocking some other sources of texts. This was a big problem, especially since I have a medical shift coming up this weekend, and can't afford to miss potential related text messages.

Through a lot of my own debug and finally with help from Verizon, I was able to receive texts from other users/companies, but still not Xfinity. In one of my last messages in my conversation with Verizon, they said that their side of things was fine, so the remaining problem had to be with Xfinity.

It seemed to resolve itself the next day, as all of my overdue Xfinity 2-factor ID texts came through all at once, and things seem normal for now.
 
  • Like
Likes FactChecker
berkeman said:
So the familiar lesson from this is don't click on a link in an e-mail or text, even if it looks like a valid source. Go to their trusted website independently to look for the same information. Lordy.
So endeth the net...with a whimper, not a bang.
 
  • Like
  • Wow
Likes russ_watters and FactChecker
Back
Top