AT&T says it has already alerted the nearly 19,000 customers whose information was compromised about the phishing scam and directed them to an AT&T Yahoo help page. This page notes that AT&T customers are being targeted by a new phishing scam from the http://sbcdslstore.org/veri.php Web site. The actual address for AT&T's DSL equipment site is sbcdslstore.com (not .org). A visit to the AT&T site on Friday revealed a message stating, "We apologize for the inconvenience, but our website is experiencing difficulties at this time."
The phishing scam was setup like this: Attackers sent AT&T customers e-mails advising them that their recent credit card transaction at the SBC DSL store was rejected because of incomplete information on their account. Customers were then directed to the bogus Sbcdslstore.org URL to update their account information, including birth date and Social Security number. AT&T states explicitly on its AT&T Yahoo help page that the company does not request credit card, Social Security number, or other sensitive personal information through e-mail.
AT&T hasn't released information about how the site was hacked on Aug. 26. It's hosted by an outside company that AT&T has not identified. AT&T is working with its own internal forensic experts as well as law enforcement to analyze the attack, a company spokesman says. The company says the attack was discovered within hours of its launch and the affected site was shut down. In a statement, it attributes the motive to a criminal market for illegally obtained personal information. The statement did not, however, mention the subsequent phishing attack.
The phishing scam adds insult to injury for AT&T customers, particularly because the stolen data used to personalize the phish made the e-mail seem fairly convincing. The best response is to be guided by common sense. "E-mail should inherently be distrusted," says Nick Selby, senior enterprise security analyst with research and analyst firm 451 Group. Beyond common sense, there are anti-phishing software packages that companies can deploy to block suspected phishing e-mails and other spam. This type of software can detect suspicious network messages, "such as if there's a mismatch between a domain name and an IP address," Selby adds.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.