Comcast scam

Posted by in Security+ | 0 comments

Have you heard about this recent Comcast scam that combines several exploits including:

  • Malvertisements
    Legitimate looking, but malicious ads served by Google
  • Drive-by downloads
    Click the malvertisement and it takes you to a malicious site that attempts to download malware onto your computer
  • Ransomware
    Software that takes control of your data and attempts to extort a ransom from you to get it back
  • Social engineering
    A pop-up that tells you to call a 1-800 number for technical support, where a criminal is waiting to take your credit card

ComcastScam

This is one of the reasons why so many companies value employees that have a basic understanding of security. Even when Security+ isn’t a job requirement, it often adds enough value to your resume to get you a job interview.

Get Certified Get Ahead

I heard about this Comcast scam through KnowBe4.  Here’s a cut and paste from their blog post.

More and more, legit-looking advertising served on major websites turns out to be malicious. Bad guys pay for and posts ads that they hope you will click on. But if you click on those ads, you get redirected to a compromised website. That malicious site might infect your computer with ransomware, and/or display popups that claim your PC has a virus and tell you to dial a toll-free number. If you call that number it will be answered by scammers who claim they are Microsoft but will try to charge your credit card to fix your computer. What to do? You need to stay vigilant at all times and “Think Before You Click”:

  • Don’t click on links in emails but go to the website you want to visit using your browser. 
  • Do not click on display ads on websites but go to the website you want to visit using your browser. 
  • If you get popups that claim your computer has a virus and you need to dial a toll-free number, close your browser, and if this happens in the office, call the IT helpdesk. 

In the office, IT will update your computer with the latest versions of software, but at the house you also need to update your applications to their latest versions. If you don’t do that, and you wind up on a compromised website, it will try to install malware on your computer. Remember, both in the office and at the house, you need to “Think Before You Click“.

Unfortunately, this isn’t just a Comcast scam. You can expect criminals to repurpose this attack to other Internet service providers soon.

Knowledge thwarts these attacks. The blog post encourages people to copy and paste the information and send it to family, friends, and employees. You can also just send them this link: http://blogs.getcertifiedgetahead.com/comcast-scam/.

CompTIA Security+ Study Guide (SY0-401)

The 401 Version of the Study Guide is Now Available

SY0-401 Study GuideThe CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide is an update to the top-selling SY0-201 and SY0-301 study guides, which have helped thousands of readers pass the exam the first time they took it.

CompTIA Authorized Quality Content (CAQC)After a comprehensive review by ProCert Labs, the SY0-401 version has been certified as CompTIA Approved Quality Content (CAQC) and covers every aspect of the SY0-401 exam.

It includes the same elements readers raved about in the previous two versions.

Each of the eleven chapters presents topics in an easy to understand manner and includes real-world examples of security principles in action.

You’ll understand the important and relevant security topics for the Security+ exam, without being overloaded with unnecessary details. Additionally, each chapter includes a comprehensive review section to help you focus on what’s important.


Click for Free Preview


Over 400 realistic practice test questions with in-depth explanations will help you test your comprehension and readiness for the exam. The book includes:

  • A 100 question pre-test
  • A 100 question post-test
  • Practice test questions at the end of every chapter.

Each practice test question includes a detailed explanation to help you understand the content and the reasoning behind the question. You’ll be ready to take and pass the exam the first time you take it.

If you plan to pursue any of the advanced security certifications, this guide will also help you lay a solid foundation of security knowledge. Learn this material, and you’ll be a step ahead for other exams. This SY0-401 study guide is for any IT or security professional interested in advancing in their field, and a must read for anyone striving to master the basics of IT security.

Kindle edition also available.

Leave a Comment

CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide

Subscribe To Our Newsletter

Join our mailing list and get a free excerpt of the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide.  This excerpt includes the introduction and Chapter 1. 

You have Successfully Subscribed!

Get Certified Get Ahead is a participant in the Amazon Services LLC Associates Program,
an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to amazon.com.

Copyright © 2015 Get Certified Get Ahead. All Rights Reserved.