Urgent! My computer has been infected by Bots!
Or so said a very odd email message I recently got, which appeared to be from cable giant Comcast. Or was it?
From: Comcast Security Assurance
Subject: Constant Guard Security Notice
Dear Comcast Customer,
Your immediate attention is required. Constant Guard™ identified that one or more of your computers may be infected with a "Bot". We strongly recommend that you visit the Comcast Constant Guard Center at https://constantguard.comcast.net for important information on how to remove malicious software from your computer(s).
A "Bot" is malicious software or malware that is used to gain control of your computer, typically without your knowledge. Online criminals can use Bots to collect your personal and private data, such as Social Security numbers, bank account information, and credit card numbers by monitoring your keystrokes. This can lead to identity theft and fraud.
We appreciate your prompt attention to this important online security notice.
Comcast Customer Security Assurance
Smells like a fraudulent "phishing" email, does it not? Especially since I had never heard of Constant Guard before.
But it turns out this message really is from Comcast...and it's an example of how to bungle a great customer service offer.
After some followup emails with Comcast and thorough perusal of their information about this offer, I learned the cable giant has a new data-security service called Constant Guard (which they had never emailed me about before, to my memory).
Also, the key word in the email is "may."
Comcast has no firm data that your particular computer is infected. They're working off mailing lists they bought of the IP addresses of potentially compromised computers.
The valuable offer not mentioned in their emails: Comcast wants to help customers prevent identity theft by installing Norton Security Suite on their home computers -- a $160 value Comcast has done a deal to get as a free member benefit.
Sweet. But you have to wade through pages and pages of information on their website to determine that in fact this is a legitimate offer. And that you're not being asked to buy anything.
Additional negative: They cheerfully relate on their website that there is no way to opt out of receiving their warning notices that my computer might have a "Bot." There's a law against forcing me to get business emails, called the CAN-SPAMM Act...so that seems troubling.
And why so pushy about something that's basically just a new, free member benefit?
How might Comcast have better handled this? Sending an initial email simply introducing the service, and warning I might get notices from Constant Guard would have been smart.
Then, instead of trying to put the scare on me about my computer's security, they could have just made the offer -- "If you're worried about identity theft and computer security, Comcast members can download Norton Security Suite free."
A cautionary tale for any business sending emails to customers: Make sure customers are ready for your message and know it's genuine.
Comcast says it sought to create awareness for its Constant Guard Bot Detection and Notification program, which started with a trial in Denver in October 2009, which generated some press.
"We know there is still a lot of customer education we need to do to help others avoid the experience you had," a company spokesman wrote in an email. "Many of the criticisms you had about our approach were things we anticipated and worked hard to address."
Are your business emails trustworthy? Leave a comment and tell us how you handle customer emails.