ALERT- Sophisticated AT&T Phishing Scam

So, last week in Tokyo, I couldn't find the wonderful Tempura restaurant where we were supposed to meet. Google Maps had failed us. Not wanting to miss it, I turned on my AT&T contracted iPhone for the first time ever abroad (I usually keep it on Airplane mode and use wifi and a local phone in Barcelona.) Today I got a bill for $1717 from AT&T. Now, I have heard horror stories before, but even this seemed a little much for the 10 minutes I had my phone connected. So I tried logging into my account (heading over to AT&T directly) but their systems seem to be down. (Perfect storm?) I did click one of the links in the email, but it didn't work, I hope. AT&T is still down, so I can't find out until later. But just in case you get a bill from AT&T that seems out of the ordinary, watch for these things:

1. The bill came on an unusual day of the month.

2. There's an extra space at the top of the email.

3. It says "Dear Customer" instead of "Dear [your name]"

4. It *doesn't* give your account number, and instead, says how much the bill is for.

5. When you hover over a link, it doesn't go to att.com and instead points to somewhere strange.

Of course, if you've read this, they have too, so perhaps next time, they'll get these details right. (Although, as with spelling errors and weird English syntax in Nigerian scam letters, perhaps that's never going to happen.)

At some point, I guess we're going to need to be able to verify the sender of an email. Until then, keep your eyes wide open. Should I say never click a link in an email? Perhaps from an institution, yes. What a drag.



I'm not sure "sophisticated" is the right word. Perhaps you wouldn't have been tricked. But compare this picture with one of your invoices, and then tell me.