Phishing Campaign Goes After AT&T Employees’ MFA Codes
A phishing campaign is targeting AT&T employees and contractors with a well-crafted fake login page, according to Luke Leal at Sucuri. The phishing page is a near-exact replica of AT&T Global’s real employee login portal, and it even offers a dropdown menu for the user to choose one of five different modes of authentication. The first option is a traditional password, while the other four are one-time password (OTP) solutions AT&T uses for added security. These include SecurID (used by the company’s employees), SAFENet (used by certain AT&T business customers), and MTIPS (usually used by the US government).