KnowBe4 Warns of New Threat Targeting Comcast Customers

Share Article

KnowBe4 issues alert noting Comcast has been made a target of social engineering through malicious ads and ransomware

Ransomware found by Malwarebytes

Comcast's Xfinity page targeted

It is like playing whack-a-mole with the cyber bad guys.They are constantly changing what they are doing. -- Stu Sjouwerman, CEO KnowBe4

KnowBe4, experts in new school security awareness training combined with simulated phishing attacks, warned its users of a new triple threat targeting Comcast, the largest home Internet Service Provider in the US. Discovered by Malwarebytes, the threat involves social engineering employees to click on a malicious ad which infects their computer with ransomware, and then redirecting them to a fake Comcast search site with a pop up message that pretends to be a security plugin but promotes a scam phone number to call tech support to “fix” the problem.

KnowBe4’s CEO Stu Sjouwerman said: “Comcast also has many thousands of business users, so it is no wonder they are the target of a sophisticated social engineering attack. You can expect to see other ISPs being attacked in much the same way. It is like playing whack-a-mole with the cyber bad guys.They are constantly changing what they are doing.”

According a technical analysis, Comcast has a search page called Xfininity that serves high numbers of searches. On this page is a malicious ad (served by Google) from "Sat TV Pro" which claims to compare Direct TV to Comcast TV. The user clicks and gets redirected to a compromised site which has an exploit kit running. This is where the machines get infected with ransomware. After the computer is infected the users is redirected to a fake Xfinity site with a tech support scam.

Sjouwerman says cyber gangs “get craftier by the month with these ‘double payloads’ where social engineering, exploit kits, and ransomware are combined. If they don't get you one way they will try to get you the other way. This is a good example of cyber crime gangs cooperating and sharing ‘revenues’ because the toll-free scammers are not the same gangs as the ransomware developers.

Sjouwerman recommends users stay vigilant and offer the following tips:

“* Don't click on links in emails but go to the website you want to visit using your browser.

  • Do not click on display ads on websites but go to the website you want to visit using your browser.
  • If you get popups that claim your computer has a virus and you need to dial a toll-free number, close your browser, and if this happens in the office, call the IT helpdesk. “
  • Update your applications at home to their latest versions. If you don't do that, and you wind up on a compromised website, it will try to install malware on your computer. Remember, both in the office and at the house, you need to "Think Before You Click."

Sjouwerman pointed out, “Many threats like this which are not detected with security software can be stopped dead in their tracks by creating a strong security culture within an organization and giving employees the tools and training to become a human firewall. We are so confident our security awareness training program works, we’ll pay your ransom if you get hit with ransomware while you are a customer.”

Click here for a free Ransomware Hostage Rescue Manual, visit http://www.knowbe4.com for more information.

About Stu Sjouwerman and KnowBe4
Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, LLC, which hosts the world’s most popular integrated Security Awareness Training and Simulated Phishing platform. A data security expert with more than 30 years in the IT industry, Sjouwerman was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help organizations manage the problem of cybercrime social engineering tactics through new school security awareness training. KnowBe4 services 2300 organizations in a variety of industries, including highly-regulated fields such as healthcare, finance, energy, government and insurance and is experiencing explosive yearly growth of 300%. Sjouwerman is the author of four books, with his latest being “Cyberheist: The Biggest Financial Threat Facing American Businesses.”

About Kevin Mitnick
Kevin Mitnick, ‘the World’s Most Famous Hacker’, is an internationally recognized computer security expert with extensive experience in exposing the vulnerabilities of complex operating systems and telecom devices. He gained notoriety as a highly skilled hacker who penetrated some of the most resilient computer systems ever developed. Today, Mitnick is renowned as an information security consultant and keynote speaker and has authored four books, including The New York Times best seller Ghost in the Wires. His latest endeavor is a collaboration with KnowBe4, LLC as its Chief Hacking Officer.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Kathy Wattman
KnowBe4, LLC
+1 (727) 474-9950
Email >
Visit website