Email Phishing Scam
Home ScamsPhishing Scams AT&T Phishing Scam

AT&T Phishing Scam

by Brett M. Christensen

Outline

Email purporting to be from AT&T claims that the recipient’s account may be shut down if he or she does not verify the account by replying with username and password details. 

Brief Analysis

The email is not from AT&T. In fact, the email is a phishing scam designed to trick AT&T users into sending their account login details to cybercriminals.

Example

Subject: Update Your AT&T Account Now!!!

Dear Member

This is for your own safety to avoid your account closed, you will have to verify your account by filling out your Login below by clicking the reply button. We apologies for any inconvenience.

User ID: ……………………………
Current Password: …………….
Occupation: ……………………..
Country OR Residence: ………
Date of Birth: …………………….

After Following the instructions in the sheet, Your account will not be interrupted and will continue as normal.

Thank you
At&t Customer Care

Case number: 8971628
Property: Account Security

Screenshot of the scam email:

AT&T Phishing Scam Email

 

From: AT&T Mail Center
Subject: Account VerificationDue to the congestion in all att.net users and removal of all unused att Accounts,Att would be shutting down all unused Accounts, You will have to confirm your E-mail by filling out your Login Information below after clicking the reply button,

* Username…………………. ………………….
* Password: ………………………… ……………………….
* Date of Birth: ………………………… …………………….
* Country Or Territory: ………………………… …………

After following the instructions in the sheet, your account will not be interrupted and will continue as normal. Thanks for your attention to this request. We apologize for any inconveniences.

Warning!!!: Account owner that refuses to update his/her account after two days of receiving this warning stands the risk of losing his or her account permanently.

 

Detailed Analysis

This email, which purports to be from US telecommunications giant, AT&T, claims that “due to congestion” all unused AT&T accounts are set to be shut down. According to the message, users who wish to keep their accounts must verify them by replying with username and password details.

However, the email is not from AT&T and the claim that all unused accounts are about to be closed is untrue. In fact, the message is an attempt by criminals to trick users into divulging their account login details. Those who fall for the ruse and send the requested details will be effectively handing control of their AT&&T accounts to scammers. 
Once they have collected a victim’s login details, the scammers can log in to the compromised account, steal more personal information stored in the account’s files and use the account to launch further scam and spam campaigns.

Often, the scammers use the hijacked accounts to send typical “stranded in a foreign country” scam messages to people on the victim’s contact list. Because the messages apparently come from a person that the recipients know, they may be more inclined to believe the scammer’s story and send money as requested.

AT&T will never send you an unsolicited email that expects you to reply with sensitive information such as passwords. Nor will any other legitimate Internet or telecommunications company. This is a common scam that has targeted users of several high profile services, including Gmail, Yahoo, Hotmail, and Bigpond.

Some variants of the scam instruct recipients to follow a link which opens a bogus website form that asks them to submit account login details. Other variants include the bogus form in an attached file. If you receive one of these emails, do not reply. Do not open any attachments that the message may contain. Do not click any links in the email.

Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,
Hoax-Slayer