New Spam Campaign Features Fake AT&T Bills


AT&T Wireless is being brandjacked by spammers in a new phishing campaign. The messages are made to look like billing notifications from the cellular provider and tell the recipient they have a balance due of $1000 or more. They also include a link the recipient can click to view and pay the bill. The spammers are obviously hoping to reach enough people who get curious or angry enough to click it.

“If people are AT&T Wireless customers, they would be pretty outraged. We can imagine that a lot of people click on the malicious links,” Avi Turiel, director of product marketing with Commtouch, told Infosecurity. “They look very authentic, but when you mouse over the links, every one of those leads to compromised websites.”

The links lead to compromised websites. Once the recipient lands on one, the site immediately attempts to download malware using exploits in Adobe Flash and Adobe Reader. If that succeeds, the malware connects to a remote server and downloads even more malware.

AT&T is just one of the many companies that get brandjacked by spammers every year. Among the most popular targets are PayPal, UPS, the United States Postal Service, and just about any bank you can think of. Online banking logins are in high demand by phishers. Sometimes they use the info they steal to clean out bank accounts, but often they sell it to other cybercriminals. There are entire websites and forums dedicated to nothing but the buying and selling of stolen passwords, credit card numbers, bank account numbers, and other personal info. Sometimes these sites also connect spammers with botnet herders looking to rent out a piece of their zombie network for rock-bottom prices.

AT&T Wireless customers who get one of these fake notices should ignore it. To check your balance, call AT&T, or open your browser and go to the website directly. Don’t click on any of the links in the message.

Written by Sue Walsh


  1. Grant Gould · April 20, 2012

    Another week, another brandjacker going for shock value to get his scam to work. I get that a company might be like “Whoa, your bill is nuts” but if AT&T has never emailed you a bill before, they’re not going to start out of the blue. And it can’t be said enough – if you get an email “from” a company saying that something is up, call that company through their listed phone number and see what’s going on.

  2. Louise Ann · April 26, 2012

    One should probably not get caught up in spam emails like these. Billing statements for utilities and others are personal and you regularly receive them; therefore, one can easily tell a fake one from the real thing. So, I think one should not panic over an email such as this; instead, directly confirm it with the company through its official website or, best, call them. You can always tell how much you have used or availed of the company’s products and services. And there is never any harm in trying to ask or confirm anything that involves you and your transactions with any company.

    Always practice a defensive attitude to prevent yourself from getting into scams.
