Phishing Scam Emails Circulate After AT&T Outage—Chicagoland Area


AT&T Outage Fuels Phishing Scams: How to Stay Protected

Chicago residents recently experienced a significant AT&T
outage that left many without cell service. Cybercriminals have seized
this opportunity to launch a wave of phishing scams designed to take
advantage of the situation.

Suspicious Emails Circulating

Emails claiming to be from AT&T may offer compensation such as
a free month of service. Be wary of emails offering unexpected refunds
or credits.

Example red flags in a suspicious email:

  • Sender email address doesn't match AT&T's official domain (@att.com)
  • Domain is recently registered
  • Domain is hosted in an unusual location
  • Urgent or threatening language tries to make you act quickly


How to Protect Yourself

  • Be wary: During widespread service disruptions, always exercise extra caution with unexpected emails or texts.
  • Verify directly: If unsure of an email's legitimacy, do not click links, open attachments, or pay as instructed in it. Instead, contact AT&T through their official website or phone number to verify the situation.
  • Scrutinize URLs: Hover over links (without clicking) to check the destination website's address. Look for misspellings or unusual domains.
  • Beware of urgent language: Scammers often use fear or urgency to rush you into making a mistake. Don't let them pressure you.
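
The red flags and the URL check above can be applied mechanically to a raw message. The following is an added example, not part of the original article: the urgency phrase list, the 90-day threshold, the sample message and the `example.net` addresses are constructed assumptions, and the registration date is expected to come from a separate WHOIS lookup.

```python
import re
from datetime import date
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

OFFICIAL = "att.com"   # official domain named in the red-flag list
RECENT_DAYS = 90       # assumption: threshold for "recently registered"
URGENT = re.compile(r"\b(urgent|immediately|act now|final notice|suspended)\b", re.I)  # assumed phrases

def in_domain(host, domain=OFFICIAL):
    """Exact domain or true subdomain; 'att.com.example.net' does not count."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

class LinkHosts(HTMLParser):
    """Collects the real destination host of every <a href>, not the link text."""
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hosts.append(urlsplit(href).hostname or "")

def red_flags(raw, registered=None, today=None):
    """Return the red flags found in a raw RFC 5322 message string."""
    msg, flags = message_from_string(raw), []
    sender = parseaddr(msg.get("From", ""))[1]
    if not in_domain(sender.rpartition("@")[2]):
        flags.append("sender-domain")
    body = " ".join(p.get_payload(decode=True).decode("utf-8", "replace")
                    for p in msg.walk() if p.get_content_maintype() == "text")
    links = LinkHosts()
    links.feed(body)
    if any(h and not in_domain(h) for h in links.hosts):
        flags.append("link-domain")
    if URGENT.search(msg.get("Subject", "") + " " + body):
        flags.append("urgent-language")
    # Registration date comes from a WHOIS lookup done separately (kept offline here).
    if registered and ((today or date.today()) - registered).days <= RECENT_DAYS:
        flags.append("recent-registration")
    return flags

# Constructed sample message; example.net is a reserved documentation domain.
SAMPLE = ('From: "AT&T Support" <billing@att.com.example.net>\n'
          "Subject: Act now to claim your free month of service\n"
          "Content-Type: text/html\n\n"
          '<p>Your credit expires soon. <a href="https://att.com.example.net/credit">att.com/credit</a></p>\n')
```

Calling `red_flags(SAMPLE, registered=date(2024, 2, 19), today=date(2024, 3, 1))` raises all four flags; note that the link text reads `att.com/credit` while the actual destination host is a lookalike that only begins with `att.com`.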

Additional Tips

  • Enable two-factor authentication: Set up two-factor authentication for your AT&T account and other important accounts.
  • Stay informed: Follow reliable news sources or AT&T's social media for accurate updates on outages.
  • Report fraud: If you fall victim to a scam, report it to AT&T and the Federal Trade Commission (FTC): https://reportfraud.ftc.gov

After investigating, here is a brief insight into the possible origin of this scam and potentially many other similar ones:

Fraudulent Email—Domain Analysis

Original email (masked): ****gknray@***ffectrecall.com

Registrar: Namecheap

Registration Date: February 19th, 2024 (recent)

Nameservers: brad.ns.cloudflare.com, zariyah.ns.cloudflare.com (Cloudflare)

Email redirects (forwards) to at least two other separate domains.

The record for the email masked here was updated recently, indicating
that it was recently registered, whereas the final forwarding-to address
dates back to a 2016 registration date.

Other

Country: Iceland

Name: Whois Agent (likely fake)

Registration History: Dates back to 2016 (masking tactic)

Privacy Protection: Provided by Withheld for Privacy ehf

FYI: Cloudflare helps protect sensitive information and details, such
as IP addresses and nameservers, via a proxy once the domain and DNS
configurations have been set up.

Resources:

AT&T Customer Support: https://www.business.att.com/support.html

Federal Trade Commission (FTC): https://www.ftc.gov/

Identity Theft | Official Gov Website: https://www.identitytheft.gov/

______________________________________________________________
#ATToutage #Chicago #phishingscams #cybersecurity #fraudalert #staysafe
