AT&T Phishing scam email

That sound similar to other phishing emails people have reported in the past.  That .edu in the From field was your first clue!  Below is my standard summery of the kinds of things to look for in any possible phishing email:

• Never trust what is printed.  Just because it says it's from so-and-so doesn't make it true.
• Look for obvious or stupid spelling or grammar errors.   That is usually an indication the email is suspicious.
• Look at the From (sender) email address.  If it's not, in ATT's case, an @att.net domain, that's a dead giveaway.  This of course is not 100% reliable since the sender email address is so easy to spoof (fake).  You can even do it the yahoo webmail.  But university .edu domains are popular so many phishing attempts may have those and the senders are too stupid or lazy to spoof.
• Look at any clickable links or email addresses in the email.  Mouse over, don't click, them.  Most browsers and email client apps will show you what the actual link is.  That can't really be hidden easily and you will almost certainly see links to strange places or emails to strange recipients.  Bonus: if you think it's a shortened link, that alone is suspicious in itself, but you can put it into in a short link expander to see what the real link is.  You can find many of these in a google search.  CheckShortURL is a good one.  Not only does it expand shortened links so you can see the real link it also shows you a picture of what the web page for that link looks like.
• Finally, if you know how, look at the email routing in the raw email text headers.  That will allow you to see the paths the email took from the sender to you.   Probably the sender may not even be in this country.