ATT/YAHOO EMAIL SCAM?

Never go to a LINK, from an email that you receive, NEVER. Go straight to the site itself, using the legit URL that you know and see if you get the same message. More than likely a scam. You did good, not taking the bait.

I responded, stupidly, and have now screwed up my email. What can I do to fix it?

Here are some things for you to look for in any possible phishing email:

• Never trust what is printed.  Just because it says it's from so-and-so doesn't make it true.
• Look for obvious or stupid spelling or grammar errors.   That is usually an indication the email is suspicious.
• Look at the From (sender) email address.  If it's not, in ATT's case, an @att.net domain, that's a dead giveaway.  This of course is not 100% reliable since the sender email address is so easy to spoof (fake).  You can even do it the yahoo webmail.  But university .edu domains are popular so many phishing attempts may have those and the senders are too stupid or lazy to spoof.
• Look at any clickable links or email addresses in the email.  Mouse over, don't click, them.  Most browsers and email client apps will show you what the actual link is.  That can't really be hidden easily and you will almost certainly see links to strange places or emails to strange recipients.  Bonus: if you think it's a shortened link, that alone is suspicious in itself, but you can put it into in a short link expander to see what the real link is.  You can find many of these in a google search.  CheckShortURL is a good one.  Not only does it expand shortened links so you can see the real link it also shows you a picture of what the web page for that link looks like.
• Finally, if you know how, look at the email routing in the raw email text headers.  That will allow you to see the paths the email took from the sender to you.   Probably the sender may not even be in this country.

If you clicked on a link and think your email may have been hacked here's two things to do first:

1. Change your password.
2. Log into the webmail to verify and/or remove suspicious filters and other account settings like forwarding specifications.  Click the gear->settings and from there you can access the Accounts and Filters.