Identity Scam: Phishing Emails

Phishing attempts and how to identify them

With phishing, a scammer pretends to be a legitimate person or organization to trick you into revealing personal or financial information. That information may include credit card numbers, social security numbers, or passwords.

We want all customers to know that we won’t ask for personal or account information through phone calls, email, or text messages. If you get such a message, you should report it to AT&T Internet Security at abuse@att.net. You can also forward email to the Anti-Phishing Working Group at reportphishing@antiphishing.org or report it to the FTC.

Phishing scams can take many forms. For example:

• You receive an email or text message that seems to come from your bank. The message asks you to confirm your account information by clicking on a link. When you click on the link, it installs a malicious program on your computer or device that captures everything you type, including passwords.
• The link may also take you to a fake website with a homepage that looks like your bank’s. The website asks for information that the real site would never ask for, including your account number, the last eight digits of your debit card number, and your ATM PIN.
• A hacker creates a fake website using a web address that is commonly misspelled. This is called typo squatting. If you mistype a web address, you could land on one of these sites.

Scammers are constantly changing their attacks to include details that will make you believe the scam is real. So, it’s important that you know what to look for. And remember - we won’t ask for information through phone, email, or text messages.

Recognizing phishing and fake websites

The next time you aren't completely confident that you are on a legitimate website or that an email you received is valid, check for these warning signs:

• Uses an incorrect URL - If your bank uses a certain URL and the site you land on uses a different URL, chances are it’s a fake site. Always double check to make sure that the site address is accurate. You can also hover your mouse pointer over a link in the email to verify that the link is directed to the same site that the email came from.
• Uses all caps in email subject lines - Scammers often use capital letters to get your attention. This is something we would never do in our emails, so it's a good sign that the email is a fake.
• Has numerous "undisclosed recipients" - Scammers send out thousands of phishing emails, hoping someone will bite. So if you see that an email is copied to other recipients, watch out. Our customers are individuals, and we treat them that way. Your email goes to you and nobody else.
• Asks for banking information - A real bank would never ask for your bank account information or your debit card and PIN numbers via email. Be wary of any email or site that asks for sensitive information (such as your Social Security number) that is beyond your standard login.
• Asks to confirm sensitive account information – If an email or website asks you to confirm sensitive account information, this is surely a scam.
• Uses a public Internet account - Before you click on any link sent to you by email, look at the sender's email address. If the email is from a public account, but claims to be from your bank or other business, do not trust the email. All myAT&T emails originate from att-mail.com, so if you don't see that address, the email isn't from us. You should also make sure that any email claiming to be from your bank includes your given name in the message, such as Dear William Smith, instead of Dear Valued Customer. Real banks address messages to you by name as a way of confirming your relationship.
• Includes misspelled words - Real companies have staff checking the accuracy of emails and websites. If you see a misspelling or a misuse of the company name, look for other mistakes and clues to confirm your suspicions. And don't enter any of your personal information on the site.
• Isn’t a secure site - Legitimate e-commerce sites use encryption, or scrambling, to help ensure that your payment information remains safe. You can see if a site uses encryption by looking for a lock symbol in the browser window. Clicking on the lock symbol allows you to verify that a security certificate was issued to that site, a sign that it's a legitimate, trusted website. You should also check that the address starts with https:// rather than just http://. Do not enter payment information on any site that isn't secure.
• Displays low resolution images - Scammers usually erect fake sites quickly, and this shows in the quality of the sites. If the logo or text appears in poor resolution, this is an important clue that the site could be phony.

There are some measures you can take to protect yourself from these types of scams:

• Email headers can be forged easily, so don't trust email headers.
• Avoid filling out forms in email messages from unverified senders because you do not know where the data will be sent.
• Many scam artists are making forgeries of companies' sites that look like the real thing. It is best not to click on links in an email message unless you are absolutely certain the message and link are legitimate.
• If you go to a link offered in an unsolicited email, check to see if there is an s after the http in the address and a lock at the bottom of the screen. Both are indicators that the site is secure.
• Instead of clicking on links provided to you, go to the company's website yourself. Once you verify the website, then you can verify whether your information is needed.

AT&T Internet services makes every effort to block fake messages from reaching our members, and we’ll continue working diligently to ensure that your experience with us is both safe and enjoyable.

If you receive what looks to be a phishing attempt, help yourself and others by reporting it.

• If the message claims to be from AT&T, report it to AT&T Internet Security at abuse@att.net.
• If the email isn’t from an AT&T address or isn’t related to AT&T, forward the information to the reportphishing@antiphishing.org or report it to the FTC.
• Report suspicious texts to 7726 (SPAM).
• Once you’ve reported the message, just delete it. Don’t click any links or open attachments.