Affected
Operational from 5:01 PM to 8:52 PM
- ResolvedResolved
Outbound email to Comcast has been restored. Exactly 105 emails were halted by this block. We have in place significant mitigations that should begin to discourage this attacker from continuing to seek out our platform.
- IdentifiedIdentified
To mitigate a threat to our platform and IP reputation, we have temporarily disabled outbound email to comcast.net. We are working on stronger mitigation to this which does not impact legitimate email. However, the attacker is presently a few steps ahead of us.
By all appearances, an individual who desires to send Comcast phishing emails has purchased multiple accounts from resellers, some accounts sitting dormant for as long as 4 months. We keep terminating their accounts as we identify them, but from the outside the only reasonable conclusion is that we appear to be taking no action to halt this activity on our platform. Because, to put it simply, our termination efforts have not effectively halted these outbound emails for the last 72 hours. Playing whack-a-mole may be entertaining, but we believe that it would be better for users to be unable to send email to Comcast for a few hours than any other short term option.