Fake email messages are getting more clever every day, and this morning I received the following message that looked somewhat legitimate:
The From address said Account Management, the blue color matched AT&T and the English wording was plausible. A few things tipped me off that this email was another phishing attemnpt:
- From email address – firstname.lastname@example.org
- Dear Valued Customer
- Sign In link – http://r.emailing.qualtech-groupe.com/tr/cl/JZg5W3Wx1YYfvWl8nWnm2_0hDs4QdrVP69qvBWSEDmxkZkFjfkxNBFhmZtypQsZuJfiXxj4w1Lrs0U335xyv_a2Q0JPiAJf7biGNtIqs0KoBwyZQzvpsbEqa_p57eiT-lOke5hK8X-OAPSgTj_G6tP6cgJlsTYA3Tf9aZ6Lwv2ywrLVqmV2kngGxZ_WjWxGsE5a_IpVw2y7ts9ntkcMSxXV8QX3fXj88OpnuXgXt-eWLg1zDzpRHQZJqcvxHihwCyxTbQx3MnXFO-jdKQuNOM4F4xDYOGQ
A real email from AT&T would have a From email address with @att.com.
The greeting of Dear Valued Customer would’ve been “Daniel Payne”, as a real company knows the real names of customers.
There is no account number in the subject or message, so this has to be fake.
Finally, the big, blue button that the scammers want me to click doesn’t go to att.com, but a fake site.
Be suspicious of all email messages, and don’t click on the links or buttons before you check out the From Address, and just hover over any suspicious link or button to confirm that the address is legitimate, like att.com.