Fake AT&T Notices are Actually Phishing E-mails

Fake e-mails posing as messages from AT&T the telecommunications major while admonishing recipients that they must validate personal e-mail accounts else lose access to them have been detected circulating online, informs Help Net Security in news dated October 2, 2012.

Displaying a header, "Account Has Exceeded," the bogus electronic mail begins with 'AT&T! Account verification' followed with addressing the recipient as Customer who's informed that his e-mail account is now beyond saturation point and so requires being validated. Then it warns that the validation should be done in 24-hrs otherwise the user's account will be suspended. To get instant access, he (e-mail recipient) is requested to follow a given web-link. Thereafter, the e-mail concludes by thanking the reader on behalf of AT&T.

But the e-mail's sender isn't definitely AT&T, while the warning about account suspension too is a fake. Actually, it's a phishing e-mail, which typically tries to dupe people so they will give away personal account login credentials that will land into the hands of cyber-criminals, remark security experts.

Specifically, people who trustfully follow the web-link, in reality, land on a spoofed site where they are directed for giving their usernames and passwords for accessing personal e-mail accounts. And once given, the phishers are then likely to grab those credentials that they would eventually utilize for compromising the victims' accounts.

Moreover, after hijacking the accounts, there is likely to follow more scam e-mails by the same criminals that they may spam out to all the contacts within the victims' address lists. Also, since recipients of these new e-mails are familiar with the sender's e-mail id, they are likely to believe the messages and do whatever is instructed in them, security experts explain.

In the meantime, phishers targeting AT&T isn't something unknown. For, a certain phishing e-mail spoofing AT&T customer care was detected during June 2012 as well. That one told recipients that they could now view their duly prepared invoices over the Internet. Seemingly, the e-mail utilized HTML source, which had been replicated from the real AT&T invoice message, so customers could be duped into following malware delivering web-links.

Related article: Fake-mails Troubling Credit Union Customers

» SPAMfighter News - 10/10/2012