Translate this page to any language by choosing a language in the box below.

AT&T - AT&T payment confirmation Email Scam - A Scammer is Phishing for Your Identity

Fake / Scam Emails Containing Virus Attachments:
The AT&T - AT&T payment confirmation Scam
Scam or Virus Attachment'

You may have received an email like the one below that looks very authentic, like it came from AT&T, or a phone call about the same subject. In this case, the scammers are even more clever; all of the links in the email appear to be real, valid AT&T links, but there is an attachment; which undoubtedly contains a virus or of malware. Norton Antispam flagged the email and moved it to the junk folder. Usually, these emails are an attempt to get you to enter confidential information (typically a social security number, name, address, bank account information, etc., to allow the scammers to steal your identity and open credit cards in your name.

This email was not sent by AT&T; AT&T is a victim as well. This is referred to as spoofing (making a fake email that looks legitimate, "phishing" (when by email) or "vishing" (when by telephone). If you receive an email similar to the one below, and especially if you have no AT&T account, have not made a payment like that, DO NOT click on the link, and do not enter any information on the forms there.

Here's what AT&T says, on their website, about what to do if you receive an email like this with an attachment:

"What to do if you receive a suspicious email containing an attachment or asking for account information
Delete the email immediately and do not open the attachment as this email did not come from AT&T. It is the result of email fraud that is spreading throughout the Internet community. AT&T Internet Services makes every effort to block fraudulent messages from reaching our members, and we will continue working diligently to ensure that your experience with us is both safe and enjoyable."

Remember, no reputable business would send you an email or a phone call requesting your personal account information. Any such email you receive asking for this information should be considered phony and brought to the attention of the business being 'phished'.

Anytime you need to go to a website for your bank, credit card companies or other personal, financial or confidential information; do not follow a link in an email; just type their address in your browser directly (such as www.AT&T.com )

Below are actual phishing emails that started circulating in early 2013.

---

----- Forwarded message -----

att.com | Support | Log In AT&T payment confirmation Dear Valued Customer, Thank you for using AT&T online payments. You submitted the following payment(s) for your account. Payment Method Confirmation Payment Date Amount BankDraft 4K3HJHJN12JSMPO 03/18/2013 $1697.07 For more information about payment please see the attachment. Thank you, AT&T Online Services www.att.com/smallbusiness size=1 width="100%" noshade style='color:#D2D2D2' align=center> Contact Us AT&T Support - quick & easy support is available 24/7. Online Info View our Special Offers to check out our best promotions.   Questions? Questions or comments? Do not reply to this email, as it is automatically generated. Please contact us or Ask a Question using our online self-help tool. Repair| Auto Pay| Paperless Billing| Move Your Service PLEASE DO NOT REPLY TO THIS MESSAGE All replies are automatically deleted. For questions regarding this message, refer to the contact information listed above. 2012. AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies. Subsidiaries and affiliates of AT&T Inc. provide products and services under the AT&T brand. Privacy Policy ZPAY_50WZXL

---

The virus attachment

BitDefender         Trojan.Generic.KDZ.11234
GData             Trojan.Generic.KDZ.11234
Ikarus         Trojan-PWS.Win32.Fareit
McAfee         Ransom-FBGF!BD357F51A1D6

 

For More Information About Viruses and Adware, See:

The following documents and websites can help you learn more about virus attahments and how to protect yourself against malware.

• Virus attachments and scam emails
• See Security Resources.Org for the latest information.  They have a free page, http://www.securityresources.org/news.htm that has a list of the up to date, current threats, viruses and worms.
• Current list of known spyware and adware
• Scam: "Firewall Update Notification" "Please update your Firewall as soon as possible"
• The Electronic Privacy Information Center
• Report A Crime
• Takedown Assistance
• How Spyware Works, Ross Greenberg, Security Pipeline, February 28, 2005
• Spyware And Your PC: Keeping It Out, Getting Rid Of It, Ross Greenberg, Security Pipeline, January 24, 2005
• Browser Hijacking and Prevent Browser Hijacking, Mike Healan, SpywareInfo, last update was January 12, 2005.
• What's The Difference Between Spyware And Viruses? Dave Piscitello, Security Pipeline, January 4, 2005

---

Recommendations- What to do:

• Only open email or IM attachments that come from a trusted source and that are expected
• Use an anti-virus/anti-spam package (we recommend Norton 360 or Norton Internet Security scan all attachments prior to opening. Click here to see Norton 360 2013 on Amazon.com .
• Delete the messages without opening any attachments
• Do not click on links in emails that come from people you do not know and trust, even if it looks like it comes from a company you know.
• Keep your anti-virus software up to date
• Keep your operating system up to date with current security patches. Click here for an article that describes how to do this.

And please let us know about any suspicious calls or emails you receive.  We look for patterns so that we can alert the authorities and victims to new scams, before it is too late!

 

---

 

For a comprehensive list of national and international agencies to report scams, see this page.