Available Now: Buy the new iPhone 14, iPhone 14 Pro and iPhone 14 Pro Max from AT&T!
Protect yourself online
younkint's profile
younkint
#1 Star!
25,000 views
50,000 views

Teacher

 • 

27 Messages

Wed, Oct 8, 2014 4:08 AM

AT&T Phishing scam email

I just received a bogus phishing email, supposedly from AT&T, asking me to switch to paperless billing. They even had a convient "Log In" button for me to click. Oh, and there's a nice $50 coupon waiting for you if you just login and change your billing info! How nice.

 

The email was well done. Almost convincing -- until you hover over the links and notice that they aren't really going to att.net or att.com.

 

The links go to a certain e.att-mail.com address. This is an address that has been used in the past to bilk folks.

 

So, beware people.

Accepted Solution

Tutor

 • 

2 Messages

8 y مضت

I work in this field and deal with phishing scams via email and phone as part of my job. I was leary of these emails once I started getting them because of the issues mentioned by younkint and other issues that I saw. However, after hours of digging and tracking it appears that these are legitimate emails. The links actually redirect to the att.com domain. I have gone through several of the emails I received after I upgraded my phone, changed my profile and enabled the alert features about data usage. I immediately noticed the discrepancies in the email address and URL shown when hovering over a hyperlink and started my investigation.

Here is a link to a security page from att.com/esupport that even references that notices from myAT&T appear from the att-mail.com domain:

 

https://www.att.com/esupport/article.jsp?sid=KB409746&cv=804

 

It's under the "Recognizing phishing and fake websites" title

 

I only responded because I see that this page has been viewed several times and I know that most users will not be as proficient as finding the answers as I am, since I battle this type of issue for a living.

youkint did a good job and these do absolutely look like bad emails, normally I would never click on anything that presented itself this way.

But they are in fact legitimate. I have no idea why the links are for e.att-mail.com, att-mail.com and emailff.att-mail.com. All of those ultimately are "att-mail.com" and all of the links that I clicked in those emails sent me to att.com (after an automatic redirect)

 

**update - I see that my link is actually the same page as posted by ATTMarianaCM

ms_unicorn

Former Employee

 • 

4.9K Messages

8 y مضت

Hello, younkint!

 

Thanks for posting! It's definitely important to be aware of phishing scams and how to protect yourself. For more information, click on the link below.

 

Protect Yourself from Phishing Scams

 

-Mariana

younkint

Teacher

 • 

27 Messages

8 y مضت

Thanks for the information, FugCooper.

 

Frankly, it baffles me as to why AT&T would use (what appear to be) non-AT&T addresses. This seems especially strange when AT&T have been preaching caution regarding phishing scams for a long time. Actually, I got the message regarding caution. In fact, I got it so well that I would still not follow the original email I received. Smiley Wink

 

Thanks again.

 

- Terry

Contributor

 • 

1 Message

7 y مضت

This is interesting. Thanks for the info. So, can I unsubscibe using one of those emails? I am set to NOT to recieve promotional emails but keep getting them from this email *@e.att-mail.com

Tutor

 • 

2 Messages

7 y مضت

@vukodlak7
If the emails you receive match the description listed above then you should be able to use the unsubscribe link found in it. Obviously, without looking at the email personally, I can not verify the authenticity of it, but if the hyperlinks match the description here then you should be able to trust it.

Contributor

 • 

2 Messages

7 y مضت

I just got one of these mails, which is most definitely coming from AT&T (and directs to att.com), entitled "did you forget, Michael?" as though I forgot to pay my bill (or something). I have little patience for these games.

 

I am your customer, not your lead. No, I was your customer. You conveniently reminded me that I'm paying $60 for voice+text. High time for a better deal.

 

Contributor

 • 

2 Messages

7 y مضت

Hey, looks like AT&T is in violation of the CAN-SPAM Act. See item (2) here:

https://www.ftc.gov/tips-advice/business-center/guidance/can-spam-act-compliance-guide-business

 

Anyone reading this with a deceptive email title like mine can report the violation here. https://www.ftccomplaintassistant.gov/#crnt&panel1-1

 

We actually got a target for this one, guys. Don't let them get away with it.

 

Contributor

 • 

1 Message

6 y مضت

Mariana, are you saying that the suspected email was phishing and NOT from AT&T? Others are saying that it directed them to AT&T's actual site. PLEASE EXPLAIN.

Contributor

 • 

1 Message

6 y مضت

Here's a real gem I received today; beware:

 

 

 

Can't see this email?  | 

 

Important account information

 

Hello, Richard.

Your trust is important to us. So we are pleased to improve your ability to choose how you receive advertising.

If you subscribe to satellite TV or wireless service from AT&T, you can already make a choice not to receive Relevant Advertising based on AT&T information by visiting a single, centralized website: ***. Now, if you are an AT&T U-verse® TV or Internet subscriber, you can also make a choice about whether to receive such ads by going to the same website.

Relevant Advertising uses aggregate information about groups of people to develop ads that are more likely to be useful to that group. If you opt out of receiving them, it doesn’t mean you won’t see ads, just that they won’t be as relevant to you.

The new opt-out means that you won’t be served Relevant Advertising based on your AT&T data, such as your billing zip code.

It’s also important for you to know, as a consumer, that most online Relevant Advertising is not controlled by your Internet service provider (such as AT&T). You can visit advertising industry websites *** and *** to make choices about receiving many of these ads.

Our Privacy Policy has not changed. Neither has our commitment to giving you choices and keeping your trust. You can change your choices at any time, and learn more at ***

Thank you for choosing us,

AT&T

 

For questions regarding this message go to ***

***

© 2016 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo and DIRECTV are registered trademarks of AT&T Intellectual Property and/or AT&T affiliated companies.

 

[Edited to comply with Guidelines - please do not post potentially hazardous links]

Contributor

 • 

2 Messages

6 y مضت

I got one asking for my Wi-Fi password.  It had the title "Here's your Wi-Fi name and password." and was from "e.att-mail.com".

 

Be aware of this one.

Contributor

 • 

2 Messages

6 y مضت

In response to my above report, I got an email from "att.att-mail.com" congratulating me for my reporting.  It had the title "AT&T Community: You've earned a new badge!".

It looks like they have infiltrated this site?

Will they send me an additional malware for this followup?

 

Contributor

 • 

1 Message

6 y مضت

att-services.cn.1998799749@emailff.att-mail.com

keep getting emails from "AT&T Customer care for wireless", from this address

telling me that "100% of your data has been used. Courtesy message-Your AT&T Mobile Share Group which includes [edited for privacy-please do not post personal or unique information such as but not limited to full names, employee ID numbers, email addresses, phone numbers, account numbers, etc.] has used 100% of the shared data for the billing period ending on ....We've added 300MB of overage data for $20 so the group can continue to use their data service without interruption, etc.

Don't know this number, don't have limits, don't live in Baltimore, not even sure what a mobilegroup is. Link is to real myatt site

 

Contributor

 • 

1 Message

5 y مضت

I just got an email saying that my autopay failed. The email address was:

 

AT&T Online Services <att-services.cn.1199548483@emailff.att-mail.com>

 

I assume this is a scam?

JefferMC

ACE - Expert

 • 

29.8K Messages

5 y مضت

I don't know.  It would probably be wise to check your account status at MyATT (either the app or att.com) and/or call the customer service number on Monday.

Contributor

 • 

1 Message

5 y مضت

Yesterday, I received what appears to be a phishing email and is supposedly from AT&T Security. However, in the From line is "AT&T Security Team ," which is MY email address!

 

There is nothing in the To line. So this tipped me off that it's a scam message.

 

However, what makes me very nervous is that I talked to an AT&T tech rep yesterday because of a serious problem with my xxx@att.net email addresses. They have all seemingly disappeared (I no longer have access to them), and I wasn't receiving any email from those accounts. So, given that I had been having big problems with AT&T email accounts then received this scam email spoofing to be from AT&T, it is too much of a coincidence to me and feels like someone inside of AT&T is doing this.

 

Please let me know if someone in AT&T Internet security would like to see this message, and I'll forward it to them.

Need help?
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.