Need help understanding your bill?
snoopy2020's profile

Contributor

 • 

1 Message

Thursday, September 28th, 2017 9:54 PM

Equifax breach email from AT&T

Received email from AT&T today about the Equifax breach and the possibility my personal info may have been compromised.  It this legit ???  As well as the info to contact them at a certain email address.  

Accepted Solution

Official Solution

Community Support

 • 

2.7K Messages

6 years ago

Hi,

 

For everyone that received an E-mail about the Equifax Breach, I can confirm that was an E-mail sent by AT&T. I still highly suggest that you watch out for any phishing E-mails over this issue. We will still not ask for personal information, and we provided the site www.equifaxsecurity2017.com, which is the site that is being provided to all people that may have been affected. Be sure to check your browser to make sure you are being directed to that site. Also, the information provided by _xyzzy_ is great information to look out for for phishing scams. 

 

David, AT&T Community Specialist

Official Solution

Expert

 • 

15K Messages

6 years ago

I assume the moderator is moving all these similar threads into this one thread.  That or the posters aren't reading the first and second posts of this thread!

 

It's certainly phishing.  Don't click on any links that take you to websites or cause an email to be sent.  As @sandblaster says, why would ATT send you anything about Equifax?  I suspect there's going to be a blizzard of these kind of emails (and threads here) on all ISPs in the coming months (although I've never understood where they get all the email addresses from in the first place).

 

Things to look for in any possible phishing email:

 

  • Never trust what is printed.  Just because it says it's from so-and-so doesn't make it true.
  • Look at the From (sender) email address.  If it's not, in ATT's case, an @att.net domain, that's a dead giveaway.  This of course is not 100% reliable since the sender email address is so easy to spoof (fake).  You can even do it the yahoo webmail.  But university .edu domains are popular so many phishing attempts may have those and the senders are too stupid or lazy to spoof.
  • Look at any clickable links or email addresses in the email.  Mouse over, don't click, them.  Most browsers and email client apps will show you what the actual link is.  That can't really be hidden easily and you will almost certainly see links to strange places or emails to strange recipients.  Bonus: if you think it's a shortened link, that alone is suspicious in itself, but you can put it into in a short link expander to see what the real link is.  You can find many of these in a google search.  CheckShortURL is a good one.  Not only does it expand shortened links so you can see the real link it also shows you a picture of what the web page for that link looks like.
  • Finally, if you know how, look at the email routing in the raw email text headers.  That will allow you to see the paths the email took from the sender to you.   Probably the sender may not even be in this country.

I hope this helps or at least cuts down the number "is this a phishing email?" threads. Man Wink

ACE - Expert

 • 

64.7K Messages

6 years ago

I can't think of a reason why ATT would be sending you anything related to the Equifax breach. Yes, someone could potentially use that info to either access your account or create another account in your name, but ATT would not reach out to you by email if that were the case. Sounds like a phishing scam to me.

Contributor

 • 

1 Message

6 years ago

I received an email from AT&T about Equfax breach and the hyper link asked immediately for my last name and the last 4 digits of SS# so is it a phishing email?

Contributor

 • 

1 Message

6 years ago

I just received an email supposedly from at&t that my personal information could have been hacked. Did this happen to anyone else ?

Contributor

 • 

2 Messages

6 years ago

"may have been effected..."??? Perhaps David, AT&T Community Specialist is really the phisher. 

Contributor

 • 

2 Messages

6 years ago

Of course I'm just joshing. But one of the dead giveaways to me on recognizing scammers is the use of poor grammar and spelling. But I'm still leery of giving out my social security number online, even to this TrustedID Premier site that the so called impacted folks are led to.

Contributor

 • 

1 Message

6 years ago

You recommendation to sign up for the credit file monitoring and identity theft protection is totally irresponsible on your part. For one, you have absolutely no position to be recommending anything of this nature. Two, this is a total scam by Equifax to have me indemnify them for any repercussions from the security breach. Not only that, but to sing up requires me to AGAIN, provide them with sensitive personal information to a third party holder. WHAT THE HECK ARE YOU THINK ATT?!!!!!!!!!!!!

Contributor

 • 

1 Message

6 years ago

I didn't use the hyperlink in the AT&T E-mail but searched on "Equifax breach"

One of the suggested sites was  https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do

I did open that and saw Federal Trade Commission Consumer Information article which does in fact recommend going to Equifax much the same advice that AT&T gave.

 

Tutor

 • 

1 Message

6 years ago

I got a snail mail from ATT about the breach with similar recommendations. I too was skeptical as to why ATT is involved. Weird.

Anyway, this prompted further investigation which brought me to this thread.

After going to the http://www.equifaxsecurity2017.com/  site, I believe it to be an authentic website. However, i find it quite disingenuous and self-promoting that they are offering a 1 year free sign-up for their TrustedID credit monitoring service.  What happens after a year is that they will inevitably start charging your credit card monthly for the service, or if not - at least a hard sell claiming that if you drop the service you will be acting irresponsibly (and likely with no mention of their ultimate irresponsibility in losing control of our data in the first place). They are turning their failure into a business opportunity for them. Despicable corporate behavior? I guess we'll know in a year when these free trial service periods expire. 

 

If you choose not to sign up for TrusedID, know that Equifax will be offering (starting in January 2018) a free-for-life credit lock and credit monitoring service with some of the same features as their TrustedID service. You can also get free 3-bureau credit monitoring (not sure how good it is but its better than nothing) with CreditKarma, and all you have to do is put up with them offering you credit cards and other services when you are on their website. (NO I do not work for CreditKarma, or anybody related to financial services). If you are really worried, between now and late January when Equifax's free-for-life service comes on line you can put a 90-day fraud alert by going to any of the three main credit bureaus' websites. By law, they have to report a filed alert with the other two.

 

Hopes this info helps somebody.

Not finding what you're looking for?
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.