You are currently viewing AT&T Breach followed by a Phishing Scam
Phishing Email

AT&T Breach followed by a Phishing Scam

It’s been widely reported in the past week that AT&T had a data breach involving some 7 million customers, both present and past. I left AT&T years ago for Mint Mobile, which has saved me hundreds of dollars per month on my mobile phones in the home and business. Today I just received the following official looking email, purportedly from AT&T and it looks legitimate at first glance with the logo, English grammar and blue colors.

AT&T Phishing
AT&T Phishing email

The subject line was suspicious, because it used three random numbers. Next, I noticed that the email started out with Dear Customer, instead of my full name – Daniel Payne. Finally, when I clicked on the From address it was totally fake: comm.myAtt.com@turing.com

Even the button they wanted me to click for Sign In went to a fake web site, not att.com: https://r.sib.turing.ws/tr/cl/nhxe2IQXxzzpaTI3ww9FO9ztPTEMFfWUyTyAkksBCw_YqLXMIKsJp_vR1pxjjqDSndE7Q-isTis9eUT2X6TEFSmmLdWem9El2EffvfMMlN7ZQd46Xahp6x3LYC8wTsBr0AVsMR6rXK5SLoJ15URmB2drT7qka36ogjNYLpqFVw9SBkBRsKMuCA5d7TeldEAnIredCPIw_e8hbL0Lc7X_l3bVwkSqT2Wmd-ZjtVbdozdUjDpHm456XMLCsg5Px5VGp5sjHj1DI_m8

Remain suspicious, and double check email messages for these positive signs of authenticity:

  • Subject lines that make sense, not with random numbers
  • From address that has @att.com, not a phishing address like @turing.com
  • Includes my First and Last name, not Dear Customer
  • Includes my account number
  • Hyperlinks on buttons that direct to att.com, not r.sib.turing.ws

Leave a Reply