Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion Groups
General
General TopicsGSMBluetooth
Providers
AlltelATT WirelessCingularFidoNextelSprint PCST-MobileVerizon
Manufacturers
EricssonNokiaMotorola
Country Specific
Australian GroupUK Group
Related Topics
PocketPCPalmMore Topics ...
Cellular Phone Forum / Providers / ATT Wireless / August 2004

Tip: Looking for answers? Try searching our database.

e-bill@attwireless ????

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Trey - 17 Aug 2004 19:50 GMT
I have the automatic payment set up on the attws site, so I never really
cared that I didnt get a statement from them, they would just always send an
email saying my bill is ready, I would go to the attws site and all was
well.
However, today, I get an email from e-bill@attws.com stating "Your ATT
Wireless Statement" It has an HTML document attached that takes you to a
login screen. I have NEVER gotten an email like this before.
Would this be a legit email that I should have been getting every month for
the past year? or is it some bogus email trying to get my info?
Reply to this Message
Root - 17 Aug 2004 22:02 GMT
The only way to tell is if the ip address it goes to belongs to attws.

But sounds really fishy, don't do it!!

>I have the automatic payment set up on the attws site, so I never really
> cared that I didnt get a statement from them, they would just always send
[quoted text clipped - 7 lines]
> for
> the past year? or is it some bogus email trying to get my info?
Reply to this Message
John Navas - 17 Aug 2004 22:20 GMT
The simple solution is to call ATTWS Customer Service.

>The only way to tell is if the ip address it goes to belongs to attws.
>
[quoted text clipped - 11 lines]
>> for
>> the past year? or is it some bogus email trying to get my info?

Signature

Best regards,
John Navas     <http://navasgrp.home.att.net/

Reply to this Message
Bucky - 20 Aug 2004 08:56 GMT
"Trey" <treydog90spam@hotmail.com> wrote in message
> However, today, I get an email from e-bill@attws.com stating "Your ATT
> Wireless Statement" It has an HTML document attached that takes you to a
> login screen. I have NEVER gotten an email like this before.
> Would this be a legit email that I should have been getting every month for
> the past year? or is it some bogus email trying to get my info?

I got the same email and was immediately suspicious as well for the
following reasons:

1. an attachment called "Your_Secure_AT_T_Wireless_Statement.html"
2. having to enter your login/password

However, after further review, I believe that this attachment is
legitimate.

1. There was a link buried in the email:
To learn more about the eStatement, click here
https://www.attwireless.com/ocs/faq/FaqQandA.jhtml?view=faqlist&cat=2216&title=e
Statement
As you can see, the domain is under attwireless.com, which confirms
that this is a legitimate FAQ.

2. I saved the HTML (without opening) and opened in notepad. It looks
like an encrypted text file, with a javascript function to decrypt the
statement. Presumably, your username and password are stored as a hash
in the HTML file.

I strongly discourage everyone from using this "secure statement".
Even though this one may be legit, if you get in a habit of clicking
on attachments and entering your login/password, your self-defenses
will be lowered when someone else spoofs this statement. In fact, you
should not even have clicked on the HTML file to see what it was. Who
knows what kind of malicious javascript could have been unleashed?
When you get the statement reminder, just go to their website and log
in their as you had before.

This was extremely irresponsible of ATT Wireless to implement this,
because people will get used to this and get suckered for the next
spoof.
Reply to this Message
Trey - 20 Aug 2004 14:44 GMT
> "Trey" <treydog90spam@hotmail.com> wrote in message
>> However, today, I get an email from e-bill@attws.com stating "Your
[quoted text clipped - 15 lines]
> 1. There was a link buried in the email:
> To learn more about the eStatement, click here

https://www.attwireless.com/ocs/faq/FaqQandA.jhtml?view=faqlist&cat=2216&title=e
Statement
> As you can see, the domain is under attwireless.com, which confirms
> that this is a legitimate FAQ.
[quoted text clipped - 16 lines]
> because people will get used to this and get suckered for the next
> spoof.

Yeah, thats all I do, I just go to the ATTws site directly when that email
comes in. I have noticed they ahve been making a lot of changes to the site,
so this new e-statement may be part of this change. Im still not doing it
though. I fix computers all day, I know what kind of a mess email attachment
can make!
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2010 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.