If you are a Comcast Xfinity Internet customer who has gotten a terrifying letter in the mail, it turns out the letter is real.
"One or more of the devices connected to your network are infected with malware," reads the letter. "This allows the cyber criminal to redirect your computer and other devices to website that may look legitimate, but are fraudulent and intended to steal your personal information and website logins and passwords."
The letter is sent via postal mail or email to homes where a Comcast security adviser has detected a computer attempting to access a malware server. It is not possible for Comcast to know which computer in the home has been infected by the virus.
The letter can be terrifying because it comes with a bolded, underlined title reading "Action required by [date] to protect your service" and then goes on to state that the servers the malware used will be "taken offline" immediately "by law enforcement officers. Any devices that still use these servers will not be able to access the Internet." The letter instructs the homeowner to "remove the DNS changer bot" and then "restore your computer's DNS settings" and do the same on your wireless router. If you don't know how, the letter directs customers to call Comcast and sign up for a service plan that will remove the malware for you if you pay $80 up front and agree to a $20 per month contract in addition to your monthly Internet charges. Comcast also has a website set up to help guide people who want to attempt to remove the malware.
Ray Child, Comcast spokesman, would not reveal how many local customers are receiving the letters, but a customer service representative said many people are getting them. Child also told the Daily Herald that the only law enforcement participation is from police looking for hackers. A Comcast website said the letter refers to FBI stings on those who generate malware and try to steal customer information. Child told the Daily Herald that despite the warning, Comcast will not cut service to anyone who gets the letter.
For the vast majority of the public, who wouldn't know how to "remove the DNS Changer Bot" as instructed in the letter, Child explained that "bot" is technology that "unscrupulous people can use to gain control and command of your home computer and use the computer almost like a zombie to do whatever they want the computer to do."
This potentially means the customer's personal information is exposed, but Comcast cannot do anything about this itself because the malware infects personal computers and not Comcast services.
"This is not a widespread issue," Child said. "From time to time some of our customers are in this situation. We are doing our best to proactively help them avoid computer viruses and problems."
For information, visit http://xfinity.com/dnsbot.