Shop holiday gifts while you still can - Everyone gets our best deals on any smartphone!
Need to update email settings?
th0mas1979's profile

New Member


2 Messages

Friday, March 10th, 2023 7:01 PM

Fake account & usurpated mail address ?

​​​​Hello guys,​​​​

​​​​Thomas, i'm from France & i've no account or telephone subscription to AT&T, but i'm receiving emails from AT&T for a subscription that i didn't (the mails are legits, i rode the headers & they're really from AT&T). I think somebody use my email address for registering to AT&T services.​​​​

​​​​Above, headers from the last mail from AT&T :​​​​

​​​​Delivered-To: [email scrubbed]: by 2002:abe:fb85:0:b0:35b:783f:c430 with SMTP id z127csp1023037vlh;Fri, 10 Mar 2023 07:17:07 -0800 (PST)X-Google-Smtp-Source: AK7set+ONJSLcxo8GacmuclR161vnsuP+c+ixDoiHx9lvGuMwDwrZgDGSQhQy3HqUmFJi6EnPO1kX-Received: by 2002:a05:6830:26e0:b0:690:c284:f16c with SMTP id m32-20020a05683026e000b00690c284f16cmr1081554otu.11.1678461426713;Fri, 10 Mar 2023 07:17:06 -0800 (PST)ARC-Seal: i=1; a=rsa-sha256; t=1678461426; cv=none;; s=arc-20160816;b=MjXWvveLY/LDT1wCHF/UliW6ARSXumbQWm9MjpBoMZ28k0vQ5e0KPlbdQgGeD/GJp87xzzTImnQCZMQiZwvDQ77NGni6uuuMCc7Yyvtmx3gY1NOSqez9WRO1jlVZLTtygsHmQ8Lo/abob9gve7mMTdFxTp+KWUF/QNHNFJ/V9OXvFfyPlAVJC06FVIodlbUw8zuSQ7uRk6TIGy/FRaP9/yFBr87sBXM6i8R1oQU3m9WbnnDcdY7cT7ryhZA/Ik7cDkVLXeQcV95wYP7vFzaZiLdTZ5LI/xG7mDnsBRus75+rufJfysdqTfaCpjamxS+6tJ27/qNJmDwrWzrd2OGKwA==ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;; s=arc-20160816;h=mime-version:subject:message-id:to:from:date:dkim-signature;bh=Yl+iyrKIOprF0UI8lcSLQfi64SFauJFketG7m075ZXM=;b=zGdRiwEGboVvlJHBXzGvRuabD+6aZs7k1DjW4RJ77zTCk3ofd2VHax6zzFdlBrbl1VmrHIFYw5CDr7FF0WnBSd35LNBsgfPW4qPTfI+znfoSDZ4UWvCeoj1GJUEJh/f7PZX2XXi8pY4JrL/YtNWPloKMIexc/+shREWDee822sT43IOXD+FeWORKCsxzgWoMQzu3wAT594owIyBl+cT1uUiaZqMJ1jeU5vP1uKo2ooLTpOrCV5UIYVlNdj3pBKKWZtUyRV0NuiKd5Lf/gISd0COLyE4Ui6F5+O8Jq++Wzujf6M4wMFYxmlvpSXyT8yZwOSjVX4eMpPD+xmv9QtFazw==ARC-Authentication-Results: i=1;;dkim=pass (test mode) header.s=egs03 header.b="lF8coY/S";spf=pass ( domain of [email scrubbed] designates as permitted sender) smtp.mailfrom=[email scrubbed];dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=att-mail.comReturn-Path: <[email scrubbed]>Received: from ( [])by with ESMTPS id 7-20020a9d0687000000b0068bd3c5600asi257809otx.127.2023. <[email scrubbed]>(version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);Fri, 10 Mar 2023 07:17:06 -0800 (PST)Received-SPF: pass ( domain of [email scrubbed] designates as permitted sender) client-ip=;Authentication-Results:;dkim=pass (test mode) header.s=egs03 header.b="lF8coY/S";spf=pass ( domain of [email scrubbed] designates as permitted sender) smtp.mailfrom=[email scrubbed];dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=att-mail.comReceived: from ([]) by (8.15.2 BerkeleyDB.5.2/8.15.2) with ESMTP id 32AFH5Gl004289 for <[email scrubbed]>; Fri, 10 Mar 2023 07:17:05 -0800​​​​

​​​​Does the domain ​​​​​​​​ ​​​​​​​​belong to AT&T ?​​​​

​​​​Above all the mails (except the 2 first - sorry i though they were spam) :​​​​

​ ​ ​ ​ ​​ ​
​ ​
​Best regards, ​
​ ​
​Thomas​ ​

​PS : i sent a report to abuse@ , the request number (and subject) is :​

​Re: Email address spoofing (or human error) [030423-154029-40744-00]​

Community Support


225.6K Messages

9 months ago

We're here to get to the bottom of these emails for you, @th0mas1979!


If you believe that someone used your email to set up an account, you can report an unauthorized AT&T account or service.


If you know it's wireless you will need to call us at 877.844.5584 If it's digital phone, internet, or U-verse® TV accounts, call 888.471.4576.


Let us know if you have any other questions or concerns. Thank you for visiting the AT&T Community Forums!


CalebP, AT&T Community Specialist 

New Member


2 Messages

9 months ago

I just realise that the number you gave me is located in the USA. I'll not pay a transatlantic call for your incapacity to secure your system. It's not normal that a malicious person could open an account on AT&T network with an usurpated email address.

With the GDPR you MUST give me an access to my information : i could suppress my email address from this account. But I can't. Because your procedure is secure after an account has been created (i can access to an account only with a U2F / confirmation by SMS, BUT i can create a fake account with an usurpated email : eazy-peazy).

Do i send a mail to a famous ePaper/security e-zine to explain this problem ? Or you'll do the necessary to remove MY email address from this account?


Thomas G.


Not finding what you're looking for?