Heuristics.Phishing.Email.SpoofedDomain FOUND

Okay-

I have John and Galt & MadMacs0 saying possibility of malware on a Guest Network.

But then Linc Davis saying the Comcast email itself is a scam.

Can't be both. I'm now on hold with Comcast after 4 numbers to call and lots of menus. I want to find out if it's a legitimate Comcast email.

Talked to Comcast security. They did send the email. She said a bot was detected on one of the computers. The bot is associated with an IP Address, but she didn't have an IP address to give me. Told her about the Main & Guest Network, but she couldn't tell me from which Network or even if Comcast could tell which Network the bot was on.

She gave me this address to go to. http//:www.amibotted.net The site reads your IP Address and gives you the results basically as soon as the web page loads. My iMac has no bots according to the site. So now I guess I'll ask all the computers to visit the site.

But.. I deleted the email ClamXav said was infected. So I'll never know if it really was or was not.

Linc Davis wrote:

Comcast seems to send that message to all its subscribers. It's been reported here many times by people who have no Windows computers and no "bots." That doesn't mean that you couldn't have a Windows computer with a bot. The email tells you nothing.

I agree. But since the email is legitimate, I'll ask the people with the PC on the Network to go to the amibotted site and check. But even if the PC(s) has a bot, which wouldn't be a surprise, how can anyone be sure if Comcast infact can detect the bots or they just send the email out as a routine thing.

I hope I'm not sounding overly concerned because I'm not. I know ClamXav has flaws and Comcast tries to scare people and I know my machine is clean. I just want to follow thru and check the PC's on the Guest Network. Out of curiosity as well as not wanting any bots on the Network. But with PC's on the Network this may not be possible.

All the PC's on the Guest Network went to the Comcast "amibotted.net" site and no bots were detected.

So Comcast is either full of ...... or it was associated with the email ClamXav detected and I deleted.

Who Knows, thanks for the help

Linc Davis wrote:

But since the email is legitimate

The email is legitimate only in the sense that it did come from Comcast. It's not legitimate in the sense that Comcast is lying when it tells you it has detected a "bot" on your network. What's really happening is that it has a marketing agreement with Symantec to distribute the latter's useless crapware. It's free initially, but the future "upgrades" that you'll need in order to keep using it won't be.

This is most likely the case.

MadMacs0 wrote:

The e-mail itself was not infected with anything (except maybe a fake hyperlink) and the site you were taken to could not have downloaded anything to your Mac unless you had Java enabled in your browser. The only people I have heard of to suffer the last fate were Tibetan sympathizers.

No Java enabled in Safari, I'll have to think about the Tibetan Sympathizer thing, but all in all it was a bunch of nothing. Mentioning a virus, or bot in this case, in the Apple Forums, stirs up the juices.

Linc Davis wrote:

The Comcast email is a scam. Either ignore it or report it to your state Attorney General as the fraud that it is.

I will report this. The email clearly states XFINITY has identified one of my computers with a bot, which in the end is not true. For people in MA(USA) that received these emails from XFINITY Comcast you can File a Consumer Complaint Here. For other areas Search "Your States attorney general file a consumer complaint.