A phishing campaign targeting Comcast Xfinity customers uses deceptive emails claiming billing failures to harvest login credentials, credit card details, and Social Security numbers. The attack leverages fraudulent links and high-fidelity clones of the official login page to steal comprehensive personal and financial data.
Incident Report: This scam layout was intercepted, verified, and locked down firsthand by the
Antiphishing.bizsecurity team during our automated link scanning workflows. To protect the public, the phishing source domain has been safely deactivated within our infrastructure. We document and analyze these live visual patterns to help security researchers and users spot lookalike phishing methods before financial damage occurs.
This phishing method uses urgent, fake security alerts via email or SMS to trick users into visiting fraudulent websites, aiming to steal credentials and 2FA codes. Attackers frequently impersonate official services, creating a false sense of security risk to bypass critical thinking and harvest sensitive information. To avoid this scam, verify all requests directly through official apps or websites, and never click on unsolicited links.