Skip to main content

Threats and Prevention

Think of this section as your very own decoder ring for Internet security, from terminology to tips and troubleshooting.

The names for the most common types of Internet invaders are always changing, but the goals are the same-someone or something is trying to access your computer to use it in a way you normally wouldn't allow. Fortunately, with a little know-how and the right tools you can stop most threats in their tracks.

A backdoor is not malware, but a method of bypassing authentication to secure access to a device. A backdoor often gains access to a device before a virus or Trojan, since doing so facilitates the transfer of other threats.
A bot is a malicious form of software that could use your device to send spam, host a phishing site or steal your identity by monitoring your keystrokes. Botnets are composed of individual bots-sometimes numbering in the hundreds of thousands. They are then used to spread viruses and attack other devices and servers.
A piece of software which captures a user's strokes on a keyboard. This software can be distributed through a Trojan horse or virus to hack into and capture private information from an unsuspecting user.
Malware is short for "malicious software" that is designed to cripple your device or destroy your information. Malware includes viruses, worms, spyware, Trojans and other threats.
Mobile Threats
Most malware for mobile devices consists of Trojans that pose as legitimate applications often found on mobile application marketplaces in the hope that users will download and install them. On some occasions, attackers take popular legitimate applications and add malicious code.
The attempt of acquiring personally sensitive information by sending an email to a user falsely claiming to be a legitimate business. A phishing email will direct the user to a fake website posing as a legitimate one where users are asked to update personal information, such as passwords, credit cards, social security- or bank account numbers.
A set of software tools that enables an unauthorized user to gain control of a computer system without being detected.
Security threats on Public WiFi
Whenever you connect to a public WiFi you cannot be sure that the network is safe from hackers or surveillance. It is relatively easy for any criminal to set up a rogue access point and lure people to connect to it. By recording or forwarding the traffic to a phishing site online, criminals can obtain login credentials and other private information from the user.
Spyware is software that performs certain behaviors, such as filling your screen with advertising pop-ups (such programs are known as adware), collecting or transmitting personal information (through KeyLoggers listed above), or changing the configuration of your device, generally without your consent. Spyware can find its way onto your device through free software downloads, malicious or compromised websites, clicking on pop-up ads, file transfers over instant messaging, or opening infected email attachments.
Most websites track their visitors' online activity using techniques like cookies and tracking pixels. Online tracking is used to track private browsing as market research or as a way to target advertising. Many websites share tracking information with other websites and networks. By using online tracking, advertising companies can create online profiles as a basis for targeted marketing.
Trojans are malicious code that users unwittingly install onto their devices, most commonly through either opening email attachments or downloading from the Internet. Trojans are often downloaded and installed by other malicious code as well. Trojan programs differ from worms and viruses in that they do not propagate themselves.
A virus is a piece of computer code that attaches itself to a program or file so it can easily spread from device to device and is usually meant to damage your software, hardware, and files.
Worms are malicious code threats that automatically copy themselves from one device to another.
Zero-day Vulnerability
A zero-day vulnerability is a software vulnerability which is exploited by hackers before it becomes public knowledge, usually prior to a patch becoming publicly available.

Is your device's performance slowing down? Do you wonder why your home page keeps changing or where those pop-ups come from? You can prevent those annoyances and threats with proper prevention, tools and monitoring.

Use anti-virus & anti-phishing software
Many viruses, worms, spyware, malware, and Trojans can be detected and removed by anti-virus/anti-malware software. If you haven't done so already, click here to download Norton™ Security Suite free for Xfinity® Internet customers (Mac users click here). Norton Mobile Security is also available here for Xfinity Internet customers at a special rate. When it comes to security, additional anti-malware provides additional layers of protection. The Xfinity Toolbar, free for Xfinity Internet customers, features anti-malware software and anti-phishing functionality for safe searching. Click here for more information about the Xfinity toolbar.
Enable your firewall
Firewalls are one of several means for blocking online threats. Most devices include firewalls; please ensure that yours is turned on. In addition, as an Xfinity Internet subscriber, you can download Norton Security Suite that includes firewall software protection to help conceal your computer from hackers and spyware (Mac users click here).
Secure your wireless routers and modems
Wireless routers allow connections between your device, other devices, and the Internet through a wireless network. Home devices may also directly connect to the internet via a wireless modem. Verify router or modem settings to ensure your network's WPA2 encryption is enabled, so that data transmitted from your device cannot be intercepted by third parties. If your existing encryption options include WEP or WPA, consider upgrading your firmware since these encryption technologies are outdated and susceptible to hacking.
Keep your software and OS up-to-date

Outdated software and operating systems (OS) are vulnerable to attacks. Ensure your software and OS are up-to-date. Outdated Java and Adobe Flash versions are particularly susceptible to malware infections.

Enable your security software and OS to apply updates automatically

To enable automatic updates on Windows or Mac:

Update and safeguard your passwords
Many internet users create passwords that can be easily deciphered and stolen. Combine letters, numbers and symbols to create unique passwords and update frequently. Consider using a password manager to securely store your passwords. Norton Security Suite, free for Xfinity Internet customers, includes a password manager named Identity Safe (click here to download). You may also download Identity Safe as a free standalone product.
Use VPN when on public WiFi
VPN stands for "Virtual Private Network." VPN enables your mobile device or desktop to send and receive data - encrypted and privately - across public networks as if your were directly connected to the remote network. When using a VPN, no one can read the data you are sending or receiving. Therefore, when connecting to public wifi or hotspots, it is best practice to utilize a VPN to protect your personal information and data.
Protect your identity
Regularly monitor your personal information and online accounts to prevent yourself from becoming a victim of identity theft. For information on additional protection of your personal information and activity click here to find out about Identity Guard's free or value-added services.
Protect your children's identity
Be aware of your children's online and social networking activities. Educate your children on internet threats and inappropriate behavior. Click here for further information on Parental Controls.
Beware of dangerous links
Avoid clicking on links in emails or text messages, unless you specifically asked for these to be sent to you. Also beware of links on pop-up ads and banners; these can be fraudulent and can infect your device and compromise your identity.
Your mobile device can be infected by malware as easily as your computer
Exercise the same level of threat prevention on your mobile device as your computer, which includes using security software. Click here to download Norton Mobile Security at a special rate for Xfinity Internet customers.

In addition to what you can do to prevent threats, which includes the free Norton Security Suite and Xfinity Toolbar featuring anti-malware software and anti-phishing functionality, and as an ongoing initiative to make the internet safer for its customers, Constant Guard offers tools to detect and remediate against bots, and verify the authenticity of websites accessed.

Bot Threats

As an added service of Constant Guard, we may notify you if we believe a device in your home may be infected with a bot. The notification will advise you to follow the steps outlined here to remove the bot from your device and prevent future attacks. Click here to run our instant bot detection test.


DNSSEC (Domain Name System Security Extensions) allows websites and Internet Service Providers (ISPs) to validate domain names to ensure they haven't been tampered with, compromising your online security.

DNSSEC is part of Constant Guard, which helps provide you with the best and safest online experience possible. With DNSSEC, a website name such as is signed into the Domain Name System (DNS). Then, when you try to connect to that website, the Comcast DNS servers verify its security signature. You will only be connected if the website passes the verification process, which happens so quickly you shouldn't even notice that it's being done. If validation fails on a website, you'll receive a "page not found" or "server not found" error. This process prevents hackers from re-directing you to fake, phishing, or criminal sites.

A bot is a malicious form of software that could use your computer to send spam, host a phishing site or steal your identity by monitoring your keystrokes. As a new feature of Constant Guard, we may notify you if we believe a computer behind your cable modem may be infected with a bot. The notification will advise you to follow the recommended steps to remove the bot from your computer. Follow these steps below to remove malicious software from your computers and protect your identity.

Find the Bot

Validate your computer is infected with a bot by visiting our Bot Detection website.

Remove the Bot

Remove malicious software and protect your computer. We suggest that you run the following tools until you receive confirmation that your system is no longer infected:

Following successful removal of the infection, please consider changing all of your passwords, since they may have been compromised.

Prevent future attacks

Download free Norton software: As with other software, ensure that your security software is also up-to-date. If you haven't downloaded the top-rated Norton Security Suite, which is free to Xfinity Internet customers, click here to download now (Mac users click here).

Install the Xfinity Toolbar for additional protection: In addition to access to your favorite content, shows, movies and email from one convenient location, the Xfinity toolbar features anti-phishing functionality for safe web searching. It also includes the Constant Guard Anti-Malware scanner, which automatically scans your files and folders or can be scheduled at your convenience. This scanner provides an additional layer of protection to the Norton product suite and is free to Xfinity Internet customers. Click here to download now.

Update Your Software, Browsers and Operating System: Outdated Java and Adobe Flash versions are particularly vulnerable to virus infections.

Update your computer

Check the Microsoft Update Server to view the latest updates for my version of Windows OS.

Check the Apple Update Server to view the latest updates for my version of Mac OS.

Protect your identity

Enroll in Identity Guard to proactively help protect your identity. When your computer has been compromised, your identity may also be at risk. Get identity theft protection - Identity Guard detects whether your credit cards, bank account numbers, or Social Security number are at risk for identity theft. It monitors your personal information and helps you detect any fraudulent activity.