If you received a warning from Comcast last weekend that one or more of your home computers connected to Xfinity Internet service may have been infected with a bot, you may be able to rest easy.
Today, Comcast acknowledged an unspecified number of its customers nationally were “incorrectly notified.”
Between September 4 and 8, according to a Comcast spokesman, “a small percentage” of its customers were sent an email titled “Constant Guard Service Alert” that read:
Dear XFINITY Customer,
XFINITY identified one or more of your computers may be infected with a bot. You might have already seen an Alert from XFINITY informing you about bot activity.
We strongly recommend you take action to remove malicious software from your computers.
We appreciate your prompt attention to this important security notice.
Constant Guard from XFINITY
An embedded link took customers to a page that listed seven possibly time-consuming steps, from the simple (“Update Java and Flash”) to the potentially unnecessary (“Get Identity Theft Protection”). I was one of the Comcast customers who received the alert on Sunday, and quickly jumped to the step of running Microsoft’s Malicious Software Removal Tool. It found no bots or malware on two different laptops.
The Comcast spokesman now says the cause of the false-positive emails was, “an inadvertent update to our systems by our malware detection service provider, and we’re sending communications to those customers to let them know that this email was sent in error. Any notifications received by our customers outside of this timeframe should be considered legitimate.”
In addition, the spokesman says, notices are being posted today on tech forums such as DSL Reports.
The spokesman added that if a customer really was infected and no steps were taken to address it, there would have been a series of follow-up alerts. Rather than (as was likely the case for many) just wasted time or unnecessary concern.