Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

12/21/2011
01:46 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

AT&T Offers Tips On How To Stay Safe From 'Phishing' And 'SMiShing' Scams

Among the tips: Be wary of any email requesting personal and/or financial information

DALLAS, Dec. 21, 2011 /PRNewswire/ -- With the holiday season upon us, more companies are sending customers information about great deals for last-minute shopping. Unfortunately, among those exciting offers comes the threat of illegitimate emails and text messages that try to take advantage of trusting shoppers. In an effort to equip consumers with the tools they need to stay safe, AT&T* offers these tips to stay in-the-know about these scams.

"Phishing" and "SMiShing"

"Phishing" scams, also known as "brand spoofing" or "carding," are tricks Internet scammers use to "fish" for consumers' financial information and password data using fake company emails and websites. The scammers send emails that appear to be from well-known companies, containing links to web pages disguised to look nearly identical to legitimate companies' sites.

These scams can travel beyond your computer. "SMiShing" is a term used to describe phishing carried out via text message. SMiShing uses cell phone text messages to bait you to divulge personal information. You might receive a text that asks you to call an unfamiliar phone number, go to a URL to enter your personal information, or download software to your phone. If you access the URL in the text message or download any software to your device, you may be installing a virus on either your PC or your wireless device.

Tips to Stay Safe Online and On-The-Go

How to Identify Scams:

-- Be wary of any email requesting personal and/or financial information. AT&T does not send email requests to customers asking for personal account or credit card information. Most other reputable organizations do not either. -- If you receive an email message that appears to come from AT&T and asks you to provide your email ID, email password, social security number, or other personal information, do not reply to it and do not provide your account information or password. Simply delete the email or forward it to [email protected] -- If you receive a text message that asks you to call a number you don't recognize or go to a web site to enter personal information, do not select the link embedded in the message. Simply delete the text message. -- To report spam received on your phone, text us the actual spam message to short code 7726 (SPAM) to start an investigation.** -- For other organizations, call before responding to any email that asks for personal information. They should be able to verify with you on the phone whether the email is legitimately from their organization. Tips to Protect Yourself:

-- Be aware that email headers can be forged easily, so the posing sender may not be the real sender. -- In your browser's address bar, make sure that the website's address begins with "HTTPS," and that a lock icon appears. You can click the icon to view security information and certificate details. -- Realize that Internet scammers can create realistic forgeries of websites, so avoid clicking on links in an unsolicited email message. Go directly to the company's website and fill out information there or call the company to verify that they are seeking information from you. Report Fraudulent Emails:

-- Contact the company named in the email to confirm whether it sent the request. Most companies do not ask customers to confirm personal information by sending an email. -- Forward the suspicious email to the Federal Trade Commission at [email protected] -- You can also report the problem to law enforcement agencies through NCL's Fraud Center, www.fraud.org. AT&T offers additional tips and tools on www.att.com/safety. More information is also available through the Federal Trade Commission, Anti-Phishing Working Group, the U.S. Department of Justice, Consumer Action and Consumer Affairs websites.

Quotes

"With more and more communication taking place electronically, it can be difficult to determine what's authentic and what's not," said Charlene Lake, chief sustainability officer and senior vice president of AT&T Public Affairs. "As a technology leader, it's our priority to stay ahead of these dangerous trends and arm consumers with the very latest safety information to ensure their information is protected."

*AT&T products and services are provided or offered by subsidiaries and affiliates of AT&T Inc. under the AT&T brand and not by AT&T Inc.

** Standard data and message rates may apply.

About AT&T

AT&T Inc. (NYSE: T) is a premier communications holding company and one of the most honored companies in the world. Its subsidiaries and affiliates - AT&T operating companies - are the providers of AT&T services in the United States and around the world. With a powerful array of network resources that includes the nation's fastest mobile broadband network, AT&T is a leading provider of wireless, Wi-Fi, high speed Internet, voice and cloud-based services. A leader in mobile broadband and emerging 4G capabilities, AT&T also offers the best wireless coverage worldwide of any U.S. carrier, offering the most wireless phones that work in the most countries. It also offers advanced TV services under the AT&T U-verse' and AT&T |DIRECTV brands. The company's suite of IP-based business communications services is one of the most advanced in the world. In domestic markets, AT&T Advertising Solutions and AT&T Interactive are known for their leadership in local search and advertising.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: We need more votes, check the obituaries.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3272
PUBLISHED: 2021-01-27
jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components.
CVE-2021-3317
PUBLISHED: 2021-01-26
KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source parameter.
CVE-2013-2512
PUBLISHED: 2021-01-26
The ftpd gem 0.2.1 for Ruby allows remote attackers to execute arbitrary OS commands via shell metacharacters in a LIST or NLST command argument within FTP protocol traffic.
CVE-2021-3165
PUBLISHED: 2021-01-26
SmartAgent 3.1.0 allows a ViewOnly attacker to create a SuperUser account via the /#/CampaignManager/users URI.
CVE-2021-1070
PUBLISHED: 2021-01-26
NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied, which may lead to an un...