AT&T Email Addresses Are Being Compromised by Crypto Thieves

Earn Your First Bitcoin Sign up and get $12 Bonus Referral bonus up to $3,000

Cell phone and internet provider AT&T says anyone with an AT&T email address is in danger of being targeted by cyberthieves looking to get their hands on cryptocurrency.

AT&T Email Addresses Are in Danger

Executives from the phone company have come out to say that hackers are infiltrating the email addresses of users with AT&T email addresses and using them to steal their digital assets. The addresses include att.net accounts, sbcglobal.net accounts, or bellsouth.net accounts. The hackers have gained access to a part of the provider’s internal network. From there, they can create mail keys for any user they victimize.

With these keys in hand, they can use an email app to log into their accounts and begin resetting passwords for services like crypto exchanges or trading platforms. AT&T spokesperson Jim Kimberly says the problem has been identified and that those in charge are working hard to ensure things don’t get any worse than they already are. Jim said:

We have updated our security controls to prevent this activity. As a precaution, we also proactively required a password reset on some email accounts.

While he is not speculating as to how many people have had their accounts compromised at the time of writing, Jim further stated:

This process wiped out any secure mail keys that had been created.

One of the victims to have had their crypto stolen and their account infiltrated said the following:

It has been happening repeatedly since November 2022. Probably ten times at this point. I notice it has been done when my Outlook client fails to ‘connect’ and I quickly login to my [AT&T] site and delete their key and create a new one. Very frustrating because it is obvious that the ‘hackers’ have direct access to the database or files containing these customer Outlook keys, and the hackers don’t need to know the user’s AT&T website login to access and change these outlook login keys.

A separate user wrote in an online forum:

Hello, my email was compromised back in March of this year, and I have done everything I can to reset password, security questions, etc., but occasionally, I’m still getting emails that a secure mail key has been created on my account without my knowledge. They would even delete the email notification, so I don’t see it, but I recently changed to another email for profile updates, so they don’t have access. This sounds like someone still has access to my account, but how?

So Many People Coming Forward

A final victim wrote:

I’ve had the same issue for months and just started again. Password wasn’t changed but account locked out, and a mail key [keeps] being created somehow.

Adding insult to injury is the fact that AT&T phones have also often been used in SIM-swapping cases to attack crypto accounts.

Source: Read Full Article