Let AT&T help you elebrate your dad with Father's Day Gifts that connect us.
Need to update email settings?
dobbswhit's profile

New Member

 • 

2 Messages

Saturday, February 19th, 2022 11:58 PM

Getting spam at att.net

I have an sbcglobal.net email. For the past two weeks, I am getting up to 10 phishing emails a day in my inbox all directed to an att.net email. How can I rectify this?

Visitor

 • 

10 Messages

2 years ago

sbc.net is not in any of those emails.  Nowhere to be found.

ACE - Guru

 • 

9.9K Messages

2 years ago

Email doesn't just magically appear in your sbcglobal.net Inbox.  That address is in the full headers someplace.

New Member

 • 

2 Messages

2 years ago

Several of us are reporting that this is a recent occurrence, that the emails comes from different addresses but are being sent to us at att.net addresses even though we have sbcglobal ones. Clearly some breach has occurred. 

New Member

 • 

5 Messages

2 years ago

@ATTHelp , the spam is coming from all different email addresses, and sometimes the EXACT same junk/phishing email but from multiple email addresses. I've marked every single one as spam, chose "to filter these kinds of messages" and blocked the senders for weeks now. Nothing has changed except there are more and more spam emails every day.

Visitor

 • 

10 Messages

2 years ago

Here too, cc7372

Community Support

 • 

232.8K Messages

2 years ago

Hello again, cc7372.

 

There are two more things you can do to limit the amount of spam emails coming in:

  1. Forward the emails to us at abuse@att.net so we can investigate it. Make sure you include the full header so we can find out exactly where it came from.
  2. Create a filter to send the emails to spam following these steps:
  • Select the gear and then More Settings.
  • Choose Filters.
  • Select Add to create a filter.
  • Enter the conditions for your filter and then select Save.

We hope this information proves helpful. If you need help with anything else, let us know. Thanks for visiting the AT&T Community Forums.

 

Aminah, AT&T Community Specialist

ACE - Guru

 • 

9.9K Messages

2 years ago

Anyone care to post the full (raw) headers from one of these?  Obviously X-out your real email address, you don't need even more spam.

Visitor

 • 

10 Messages

2 years ago

I just sent 6-8 of these spams from different addresses.  I hope someone can clear this up.  As it's just started happening in the past 2 weeks or so and their are quite a few of us going thru this, it has to be on ATT's end. Please help.

(edited)

ACE - Guru

 • 

9.9K Messages

2 years ago

@sonnyboy43   Spam happens.  My primary Gmail account hardly got a handful of spam a week.  Then about 6 weeks ago I started getting 20-40 a day.  You could tell by just looking at the list that they were coming from just a few different sources. 

Go to https://haveibeenpwned.com/ and plug in your email address.  How many breaches has that address been compromised in?

New Member

 • 

9 Messages

2 years ago

Okay, @tonydi, below are the headers from one of two emails I've received today from users at public.govdelivery.com. (Part 1 because of post length limits here)

Received: from 10.220.191.55
 by atlas101.sbc.mail.ne1.yahoo.com with HTTPS; Thu, 24 Feb 2022 00:17:23 +0000
Return-Path: <[email scrubbed]>
X-Originating-Ip: [52.100.16.202]
Received-SPF: pass (domain of imagineindependence810.mail.onmicrosoft.com designates 52.100.16.202 as permitted sender)
Authentication-Results: atlas101.sbc.mail.ne1.yahoo.com;
 dkim=perm_fail header.i=@ImagineIndependence810.onmicrosoft.com header.s=selector2-ImagineIndependence810-onmicrosoft-com;
 dkim=perm_fail header.i=@public.govdelivery.com header.s=13q2;
 spf=pass smtp.mailfrom=imagineindependence810.mail.onmicrosoft.com;
 dmarc=unknown header.from=public.govdelivery.com;
X-Apparently-To: XXXXXXXXXXXX; Thu, 24 Feb 2022 00:17:23 +0000
X-YMailISG: ghnIGmkWLDv5XzZFlrK6ih.IcRNM0R1QSqlOHdt1a6jGiBw8
 2pYUCME_53zE53q24kPqT84mJQmXzoJIeywT2UsmANBIO_elRW9bKQcJpDir
 d.xnFvCKwhTgOSId0ht5n3WjBgn..yS4E0MQEkAAazfZSdlxKwkmaLqQ2Loa
 UIY5A0EXfUVKnKa2X3Rib2Vh0xfco0noUC3hsuVggCK8x4AdxV4ecXbZ5BUb
 ouhTmVg7en4COiuWjABWe4rKvZZb4hVADlz97Eu8BzKijpqZ2W2nOdHC_2li
 uU5Xa9EA60yhBDL3FkNlEhkzv8voA4Edp21FHavXkMbo1xuc8UoTEbUOa_WU
 lgA9MYKx8RGHwM1b5vVmaAT0ThX1qs33x9JtJIkLJ3s0AYzDD4EADNktLtcw
 WWhy3yT4eRd3YsTqmG6SzLrZepExoYMTldCSyMM90c81GCqtf3VwxzWu8Hj4
 3qG6MognwVdHq1TU9oSCmQJ5qDEc297T4CTcL_4_kHt4YjO1LgyYOeUXDY6X
 n4GlcEQlch7fVSw1e30EvaTbh06081E2imu8Qwhs73Uo8ZvZFtQHqoIERBkM
 oVhqtiBxZEkO96r9fnefOclXPZG.IsxtH5GWCo3xW4B8j0S_Qclqp0pqQqAm
 qAou42cyVeIzzG5N5ZQKOoGSkjJnDfq0jH13EW7yTe_A4aWmw0Cz8rWQEE1E
 GpSXjSncMT0nAYrIjk5sZ9LM4M9vIwU96rBc9sq6X3F2HLmCcpT4FeCYVJWe
 mLtlnAhtyvwsbXZOkkgVprGhVbR9sYWHcDXfugrZzhvoowu9jRMPFGZuAf.1
 zDqVvqu5mij5HO5UEQuqhiG5_Ujw7XolrEQeGBtmz1RJm5OUb5iEO6UyeioD
 quyW.LOnMuTVSJss8OJCKdRqQW9GuX3.MIFqdc_wR5i1RZ9fbqJOP7n.xhV_
 mxrHDNpFRrmNTuzZEga9kjZBrYPUo.vGU4Fnqmf3dSw_SYJmsbJlaaScc9wb
 JYmvyLXYzPY1PSCzk8Grw0AEk2c87PKq.B.KocFbPn2IhCRfbZZP5JScoka_
 lzroagYcrAV(Edited per community guidelines)3bjHhNHBt.v9lpkMNbyS.MPrr_z85eisQ2loicyVej620r
 aVBigbCPjNe06ByLlDfUSItWSsdW54587IWIx7fmdlBoENsr
Received: from 144.160.152.210 (EHLO flpd571.prodigy.net)
 by 10.220.191.55 with SMTPs
 (version=TLS1_2 cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256);
 Thu, 24 Feb 2022 00:17:23 +0000
X-Originating-IP: [52.100.16.202]
Received: from EUR03-VE1-obe.outbound.protection.outlook.com (mail-ve1eur03hn2202.outbound.protection.outlook.com [52.100.16.202])
	by flpd571.prodigy.net (Inbound 8.15.2/8.15.2) with ESMTPS id 21O0HKnk092153
	(version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=OK)
	for <XXXXXXXXXXXX>; Wed, 23 Feb 2022 16:17:22 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=ImagineIndependence810.onmicrosoft.com;
 s=selector2-ImagineIndependence810-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=lm14cUaD85Zpkfuunu0jVg4FkJWxsmulctaSC7onuRw=;
 b=Jy2vRl+0tqaZ+D+7h+p8LEC51bWvNcicYHOX9E3vqUGCQ8hKEUMxOczQfJXtxngHbB7DOEk5N3upb4ZR8Rw3m2XQPnFI6cqSFeSX7cHdCznjZ5bok+ccT187t761OjuveT/ltnhh887RPfBp354puCmt6sCH6B21LcZ4/LwoVb4=
Received: from AM6P194CA0069.EURP194.PROD.OUTLOOK.COM (2603:10a6:209:84::46)
 by VI1PR08MB2671.eurprd08.prod.outlook.com (2603:10a6:802:1d::28) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4995.24; Thu, 24 Feb
 2022 00:17:18 +0000
Received: from VE1EUR03FT005.eop-EUR03.prod.protection.outlook.com
 (2603:10a6:209:84:cafe::c3) by AM6P194CA0069.outlook.office365.com
 (2603:10a6:209:84::46) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5017.21 via Frontend
 Transport; Thu, 24 Feb 2022 00:17:18 +0000
X-MS-Exchange-Authentication-Results: spf=fail (sender IP is 45.144.29.230)
 smtp.mailfrom=ImagineIndependence810.mail.onmicrosoft.com; dkim=fail
 (signature did not verify) header.d=public.govdelivery.com;dmarc=none
 action=none header.from=public.govdelivery.com;
Received: from arii.sAmartintech.ru (45.144.29.230) by
 VE1EUR03FT005.mail.protection.outlook.com (10.152.18.172) with Microsoft SMTP
 Server id 15.20.5017.22 via Frontend Transport; Thu, 24 Feb 2022 00:17:14
 +0000

(edited)

Not finding what you're looking for?
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.