Fraudulent AT&T Emails - How To Recognize and Report Them

Nowadays, we have to be careful how we share how information. Everyday scammers are attempting to get that information. They can call, they can send letters, and they can even send emails. Did you get an email and not sure of the legitimacy of it? Does it sound too good to be true? Learn what to look out for.

What To Look Out For

Indicators an email is fraudulent

• A request to confirm personal details or account information – AT&T has your information and would not need you to verify it.
• High total balance due – The email usually lists a very high balance to encourage you to click on the link to review your bill. To be safe, go to att.com and check your account yourself.
• No account number is listed - Legitimate AT&T bill notices typically list the account number or several digits of the account number.
• Non-AT&T links - If you hover over the links, you will see the destination URLs. The pattern is typically: https://[random-non-att.com domain]/[random text]/[random text.html]. The links lead to a malware payload website, which changes frequently to circumvent blocking. The links have no affiliation with AT&T and they are compromised websites. To be safe, go to att.com and check your account yourself.
• Attachments - Legitimate AT&T bills typically do not include attachments. Fraudulent attachments are in .zip format and all have names beginning with ATT_Payment. To be safe, go to att.com and check your account yourself.
• Scare Tactic –scammers will attempt to make you panic by saying or writing something like, “You have a high balance”. Be cautious of these tactics. To be safe, go to att.com and check your account yourself.
• Click here to see an example.

Note: Remember, it doesn't have to be an email. Hackers are always thinking of new ways to scam unsuspecting customers, and those scams don't always come in the form of email. Don't provide any information if you're not sure that the website you're visiting is owned by AT&T.

What You Should Do

If you suspect a bill-ready notification or payment confirmation email was not sent from AT&T or is in any way fraudulent, do not open the email, click any links within the email, or open any attachments. Please report any suspected fraudulent emails or links to AT&T via email to scam@abuse-att.net. When possible, include the full email header to help us identify the origins of the email. For all other cases (non-AT&T messages from other email accounts, bank scams, and so on) send an email to spam@uce.gov.

If you believe your identity may be at risk, click here to find out how to handle it.

If you believe your E-mail account was hacked, click here to find out what to do.

Remember, you can always log into your account at directly at  www.att.com to verify your bill or account information.

We are dedicated to protecting you from all forms of fraudulent activity that may compromise your security and enjoyment of our services.

AT&T Security is working to block all known scripted/malicious sites.

ChrisZ, AT&T Community Specialist