:quality(70):focal(183x186:193x196)/cloudfront-us-east-1.images.arcpublishing.com/shawmedia/TBL3JC5LBFGHRD5B53IILCUSBM.jpg)
A New Lenox resident lost $12,924 after clicking the link on a phishing email that appeared to come from Xfinity, police said.
Officers responded to the complaint at 2:15 p.m. last Friday and learned a resident received a phishing email that appeared to come from Xfinity, which is a brand name for Comcast.
The resident clicked on a link in the email but did not enter any personal information, according to a statement from the New Lenox Police Department.
The resident later learned their cellphone number was “ported to a different provider and several of their financial accounts were hacked,” police said.
About $12,924 was removed from the accounts, police said.
The case remains under investigation.
Comcast will never ask customers for password information over the phone, chat, or email, according to Xfinity’s website.
The company will also never ask for billing or payment information through email.
What to look for, how to protect yourself
Scammers will send an “unexpected email or text message that looks like it’s from a company you know or trust, like a bank or credit card or utility company,” according to the Federal Trade Commission.
“If you think you clicked on a link or opened an attachment that downloaded harmful software, update your computer’s security software. Then run a scan and remove anything it identifies as a problem,” according to the FTC.
Emails and texts from scammers will claim people have suspicious activity or log-in attempts on their accounts, or they need confirmation on personal or financial information, according to the FTC.
The suspicious emails and texts will also claim people are eligible for government funds or coupons.
If an email or text looks suspicious, the FTC recommends contacting the company using their real phone number and website and not the information provided in either the email or text.
The FTC recommends setting software on computers and cellphones to update automatically and use extra security such as multi-factor authentication.