Lookout
Phishing
Threat Summary
June 11, 2019

Attack Targeting AT&T Corporate Employees

Overview

On April 16, 2019, Lookout discovered a new phishing attack targeting AT&T employees. The attacker developed a copy of the AT&T Global portal login screen in an effort to steal user credentials including multi-factor identification values. The moment the attacker began building the phishing site, Lookout flagged it as suspicious and monitored its development.

First, the attacker registered a spoofed version of the AT&T domain. Next, Phishing AI applied computer vision to analyze the use of logos and graphics, resulting in a final conviction. Lookout quickly notified AT&T and continued to monitor changes until the malicious site was taken down.

Potential impact

AT&T employees would have risked having their accounts taken over, compromising their privacy and exposing themselves to fraud and identity theft. This login provides access to proprietary corporate applications and could have exposed AT&T to significant business risk as well as a longer term advanced persistent threat.

Early detection by Lookout Phishing AI

With its advanced Phishing & Content Protection technology, Lookout is able to identify early signals of a phishing attack and build protection for Lookout users, as well as provide early warning to Lookout partners before their customers are impacted.

Authors

Lookout

Cloud & Endpoint Security

Lookout is a cybersecurity company that makes it possible for tens of millions of individuals, enterprises and government agencies to be both mobile and secure. Powered by a dataset of virtually all the mobile code in the world -- 40 million apps and counting -- the Lookout Security Cloud can identify connections that would otherwise go unseen and predict and stop mobile attacks before they do harm. The world’s leading mobile network operators, including AT&T, Deutsche Telekom, EE, KDDI, Orange, Sprint, T-Mobile and Telstra, have selected Lookout as its preferred mobile security solution. Lookout is also partnered with such enterprise leaders as AirWatch, Ingram Micro, Microsoft, and MobileIron. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, Sydney, Tokyo, Toronto and Washington, D.C.

Discovered By
Lookout
Threat Type
Phishing
Entry Type
Threat Summary
Platform(s) Affected
Lookout
Phishing
Threat Summary

Related Content

CryptoChameleon: New Phishing Tactics Exhibited in FCC-Targeted Attack

Lookout recently discovered an advanced phishing kit exhibiting novel tactics to target cryptocurrency platforms as well as the FCC via mobile devices.

Read Threat Article

Lookout Phishing AI Discovers Campaign Targeting Verizon Employees

Phishing AI discovered this campaign targeting Verizon employees on mobile devices.

Read Threat Article

Lookout Discovers Android Spyware Tied to Iranian Police Targeting Minorities: BouldSpy

Researchers at the Lookout Threat Lab have discovered a new Android surveillance tied to the Law Enforcement Command of the Islamic Republic of Iran (FARAJA).

Read Threat Article

Stop Cyberattacks Before They Start With Industry-Leading Threat Intelligence.

Schedule Demo
HeaderHeaderHeaderHeader
CellCellCellCell
CellCellCellCell
CellCellCellCell
CellCellCellCell