U

Tuesday, November 12th, 2024 1:33 AM

presumed phishing attack spoofing xfinity rewards

A strange page opened on my browser, which claimed it was a survey from Xfinity rewards.  Here is the url that appeared in my address bar:

https://rtbwin.xyz/bonus/com-us-5490/global-bb.php?c=5vz19halkz9oz4&k=00c8427dd3b58560b768d63e47370c51&country_code=US&carrier=-&country_name=United%20States&region=Virginia&city=Sterling&isp=Comcast%20Cable%20Communications,%20LLC&lang=en&os=Windows%2010&osv=&browser=Firefox&browserv=132&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&e=5

I don't recall hitting a link in an e-mail or a website that might have opened this page, but it looks very suspicious.  The domain name has a very suspicious registration, and is allegedly based in Iceland.

I kept a screenshot, but can't post it here.

I'd like to be sure Xfinity knows about it.

Official Employee

 • 

1.7K Messages

10 days ago

Good evening @user_nywv1q, and thank you for reaching out on our Community Forums, we appreciate it. Thank you for letting us know about this phishing attack. I would encourage you to report this to our dedicated Customer Security Assurance (CSA) team here https://internetsecurity.xfinity.com/help/report-abuse.

 

forum icon

New to the Community?

Start Here