Skip to main content
AT&T Community Forums
Gift your grad endless possibilities. Celebrate right now and connect them to their brightest future.
Need to update email settings?
Learn more
th0mas1979's profile
th0mas1979
#1 Star!

New Member

 • 

2 Messages

Friday, March 10th, 2023 7:01 PM

Fake account & usurpated mail address ?

​​​​Hello guys,​​​​

​​​​Thomas, i'm from France & i've no account or telephone subscription to AT&T, but i'm receiving emails from AT&T for a subscription that i didn't (the mails are legits, i rode the headers & they're really from AT&T). I think somebody use my email address for registering to AT&T services.​​​​

​​​​Above, headers from the last mail from AT&T :​​​​

​​​​Delivered-To: [email scrubbed]: by 2002:abe:fb85:0:b0:35b:783f:c430 with SMTP id z127csp1023037vlh;Fri, 10 Mar 2023 07:17:07 -0800 (PST)X-Google-Smtp-Source: AK7set+ONJSLcxo8GacmuclR161vnsuP+c+ixDoiHx9lvGuMwDwrZgDGSQhQy3HqUmFJi6EnPO1kX-Received: by 2002:a05:6830:26e0:b0:690:c284:f16c with SMTP id m32-20020a05683026e000b00690c284f16cmr1081554otu.11.1678461426713;Fri, 10 Mar 2023 07:17:06 -0800 (PST)ARC-Seal: i=1; a=rsa-sha256; t=1678461426; cv=none;d=google.com; s=arc-20160816;b=MjXWvveLY/LDT1wCHF/UliW6ARSXumbQWm9MjpBoMZ28k0vQ5e0KPlbdQgGeD/GJp87xzzTImnQCZMQiZwvDQ77NGni6uuuMCc7Yyvtmx3gY1NOSqez9WRO1jlVZLTtygsHmQ8Lo/abob9gve7mMTdFxTp+KWUF/QNHNFJ/V9OXvFfyPlAVJC06FVIodlbUw8zuSQ7uRk6TIGy/FRaP9/yFBr87sBXM6i8R1oQU3m9WbnnDcdY7cT7ryhZA/Ik7cDkVLXeQcV95wYP7vFzaZiLdTZ5LI/xG7mDnsBRus75+rufJfysdqTfaCpjamxS+6tJ27/qNJmDwrWzrd2OGKwA==ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;h=mime-version:subject:message-id:to:from:date:dkim-signature;bh=Yl+iyrKIOprF0UI8lcSLQfi64SFauJFketG7m075ZXM=;b=zGdRiwEGboVvlJHBXzGvRuabD+6aZs7k1DjW4RJ77zTCk3ofd2VHax6zzFdlBrbl1VmrHIFYw5CDr7FF0WnBSd35LNBsgfPW4qPTfI+znfoSDZ4UWvCeoj1GJUEJh/f7PZX2XXi8pY4JrL/YtNWPloKMIexc/+shREWDee822sT43IOXD+FeWORKCsxzgWoMQzu3wAT594owIyBl+cT1uUiaZqMJ1jeU5vP1uKo2ooLTpOrCV5UIYVlNdj3pBKKWZtUyRV0NuiKd5Lf/gISd0COLyE4Ui6F5+O8Jq++Wzujf6M4wMFYxmlvpSXyT8yZwOSjVX4eMpPD+xmv9QtFazw==ARC-Authentication-Results: i=1; mx.google.com;dkim=pass (test mode) header.i=@emailff.att-mail.com header.s=egs03 header.b="lF8coY/S";spf=pass (google.com: domain of [email scrubbed] designates 144.160.128.152 as permitted sender) smtp.mailfrom=[email scrubbed];dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=att-mail.comReturn-Path: <[email scrubbed]>Received: from egssmtp03.att.com (egssmtp03.att.com. [144.160.128.152])by mx.google.com with ESMTPS id 7-20020a9d0687000000b0068bd3c5600asi257809otx.127.2023.03.10.07.17.06for <[email scrubbed]>(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);Fri, 10 Mar 2023 07:17:06 -0800 (PST)Received-SPF: pass (google.com: domain of [email scrubbed] designates 144.160.128.152 as permitted sender) client-ip=144.160.128.152;Authentication-Results: mx.google.com;dkim=pass (test mode) header.i=@emailff.att-mail.com header.s=egs03 header.b="lF8coY/S";spf=pass (google.com: domain of [email scrubbed] designates 144.160.128.152 as permitted sender) smtp.mailfrom=[email scrubbed];dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=att-mail.comReceived: from egs-westus2-prod-app-vm-01.az.3pc.att.com ([135.170.33.82]) by egssmtp03.att.com (8.15.2 BerkeleyDB.5.2/8.15.2) with ESMTP id 32AFH5Gl004289 for <[email scrubbed]>; Fri, 10 Mar 2023 07:17:05 -0800​​​​

​​​​Does the domain ​​​​​​​​att-mail.com ​​​​​​​​belong to AT&T ?​​​​

​​​​Above all the mails (except the 2 first - sorry i though they were spam) :​​​​

​ ​ ​ ​ ​​ ​
​ ​
​Best regards, ​
​ ​
​Thomas​ ​


​PS : i sent a report to abuse@ , the request number (and subject) is :​

​Re: Email address spoofing (or human error) [030423-154029-40744-00]​

Questions

 • 

Updated 

3 months ago

 • Edited

68

2

0

ATTHelp

Community Support

 • 

214.9K Messages

3 months ago

We're here to get to the bottom of these emails for you, @th0mas1979!

 

If you believe that someone used your email to set up an account, you can report an unauthorized AT&T account or service.

 

If you know it's wireless you will need to call us at 877.844.5584 If it's digital phone, internet, or U-verse® TV accounts, call 888.471.4576.

 

Let us know if you have any other questions or concerns. Thank you for visiting the AT&T Community Forums!

 

CalebP, AT&T Community Specialist 

0

0

th0mas1979

New Member

 • 

2 Messages

3 months ago

I just realise that the number you gave me is located in the USA. I'll not pay a transatlantic call for your incapacity to secure your system. It's not normal that a malicious person could open an account on AT&T network with an usurpated email address.

With the GDPR you MUST give me an access to my information : i could suppress my email address from this account. But I can't. Because your procedure is secure after an account has been created (i can access to an account only with a U2F / confirmation by SMS, BUT i can create a fake account with an usurpated email : eazy-peazy).

Do i send a mail to a famous ePaper/security e-zine to explain this problem ? Or you'll do the necessary to remove MY email address from this account?

Regards.

Thomas G.


(edited)

0

0

Related Conversations

Loading...

Did this help you?

Tags

security

fraud

customer service

spam

at&t

email

Not finding what you're looking for?
Ask a question
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.