Update: AT&T Hackers Devised Elaborate Phishing Scam To Dupe Customers - InformationWeek
01:39 PM

Update: AT&T Hackers Devised Elaborate Phishing Scam To Dupe Customers

Details of the AT&T hack are beginning to emerge. It was pulled off by identity thieves who used a bogus Web site and convincing e-mails in an attempt to fool the telecom vendor's customers.

It wasn't enough for hackers who hit AT&T's DSL equipment sales Web site to simply make off with some customer information; they've been using those stolen names, e-mail addresses, and credit card numbers to launch especially convincing phishing attacks against those victims. The phishing site set up by the hackers incorporates this stolen customer data in an effort to convince AT&T customers to divulge additional sensitive information, including Social Security numbers.

AT&T says it has already alerted the nearly 19,000 customers whose information was compromised about the phishing scam and directed them to an AT&T Yahoo help page. This page notes that AT&T customers are being targeted by a new phishing scam from the http://sbcdslstore.org/veri.php Web site. The actual address for AT&T's DSL equipment site is sbcdslstore.com (not .org). A visit to the AT&T site on Friday revealed a message stating, "We apologize for the inconvenience, but our website is experiencing difficulties at this time."

The phishing scam was setup like this: Attackers sent AT&T customers e-mails advising them that their recent credit card transaction at the SBC DSL store was rejected because of incomplete information on their account. Customers were then directed to the bogus Sbcdslstore.org URL to update their account information, including birth date and Social Security number. AT&T states explicitly on its AT&T Yahoo help page that the company does not request credit card, Social Security number, or other sensitive personal information through e-mail.

AT&T hasn't released information about how the site was hacked on Aug. 26. It's hosted by an outside company that AT&T has not identified. AT&T is working with its own internal forensic experts as well as law enforcement to analyze the attack, a company spokesman says. The company says the attack was discovered within hours of its launch and the affected site was shut down. In a statement, it attributes the motive to a criminal market for illegally obtained personal information. The statement did not, however, mention the subsequent phishing attack.

The phishing scam adds insult to injury for AT&T customers, particularly because the stolen data used to personalize the phish made the e-mail seem fairly convincing. The best response is to be guided by common sense. "E-mail should inherently be distrusted," says Nick Selby, senior enterprise security analyst with research and analyst firm 451 Group. Beyond common sense, there are anti-phishing software packages that companies can deploy to block suspected phishing e-mails and other spam. This type of software can detect suspicious network messages, "such as if there's a mismatch between a domain name and an IP address," Selby adds.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
2017 State of IT Report
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends for 2018
As we enter a new year of technology planning, find out about the hot technologies organizations are using to advance their businesses and where the experts say IT is heading.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll