Contributor
•
3 Messages
Fraud calls? Pretending to be AT&T asking me to give PIN numbers from "AT&T free message" texts
I got a call from **** a Jeff [edited for privacy-please do not post personal or unique information such as but not limited to full names, employee ID numbers, email addresses, phone numbers, account numbers, etc.], claiming to be AT&T employee. He said that someone (I don't know this person) had ordered 2 iPhone 7+'s on my AT&T account to be delivered to an address (not any address associated with me). I told him I did not place the order and that's a fraudulent order. Jeff said ok he'll cancel but he need to first send a PIN code to my phone and ask me to read the PIN code to him. I received a text message from (746) 118-88 saying "AT&T free message: Please use this single-use PIN to complete your AT&T Messages log in:asnpmh"
I noticed also that 2 months ago in April, I got another phone call someone claiming they are AT&T telling me that they noticed some suspicious calls, someone had made hundreds of calls to Russian using my cell phone number. Also not my calls and he offered to cancel them but need to send PIN's via text message to my phone. I gave him the PIN's and he said those charges are canceled.
This is a fraud? And what can they do?
Accepted Solution
Official Solution
Gary L
ACE - Expert
•
16.5K Messages
7 years ago
@sushichomper I think if you gave them your PIN, you'd have just given that caller access to your account.
If someone tries to access you account at att.com and they don't know your log in, the trick to reset is they need the code that will be sent to your phone (and since they don't have your phone, they can't get that code). So they give you a reason to give them the PIN, tell your account to reset the password and then you give them the verification code they need to get access to your account.
I'm not sure why AT&T would need you to read a code to verify you have that phone, they just called you on that phone they know you have that phone...
My 2 cents...
0
sushichomper
Contributor
•
3 Messages
7 years ago
Mmmm, yes. That actually happened. Thanks for the alert.
I just had some unauthorized access to my account, someone changed my billing address and PIN. I don't know how they did it. Because the fake text messages before from the scammer do not look like they came from AT&T and do not have the formats of AT&T PIN's. How did they leverage those PIN's that they generate to get into real AT&T accounts?
0
0
sushichomper
Contributor
•
3 Messages
7 years ago
Thank you garylapointe. I think that might have been exactly what happened.
0
0
Gary L
ACE - Expert
•
16.5K Messages
7 years ago
You're welcome. Please go change your password..
They didn't generate it, they went to ATT.com and said reset my password and to get to the next step AT&T texted a PIN to the phone and then asked them for the PIN to prove they have the phone that goes with that account (which they know the account user has); then they called you and asked for the PIN. This was a security feature as no one else has access to the PIN (unless of course, you give it out...). This may not be exactly the steps, but close enough to get the ideal of how they did it.
0
0