A crucial part of keeping your online accounts safe is protecting your one-time PIN. If someone calls you and asks you to confirm the one-time PIN you just received, this is a red flag that you’re about to get scammed. Don’t fall for it.
Why is your PIN so important to protect?
The one-time PIN you receive as a text message or email is used to authorize account access, make changes to your account, or purchase equipment and service in your name. Bad guys want to access your account to steal money from you or the company. They need the one-time PIN to do it, and they will attempt to fool you into sharing this authorization code.
Keep your account safe from fraud. Always remember:
- Companies like AT&T won’t call you asking for a one-time PIN
If someone calls and asks you to confirm a one-time PIN you just received, don’t do it. Even if they say they’re calling from the company, it’s probably a scam.
- Don’t cave under pressure
Bad guys want to get into your account to commit fraud. They’ll make the situation seem urgent to get you to panic and give up your PIN. Hang up and call the official company number that you see on your bill to verify that the request is legitimate.
If you suspect you’ve been a target of fraud on your AT&T mobile phone account, you can report it to our Fraud team here.
Here is one common example of how a PIN Fraud scam works:
- You get a call saying there are fraudulent purchases on your account for equipment that is being shipped to you. (This caller is a bad guy who does not work for the company, despite what the caller says.)
- The caller asks you to give him the one-time PIN to authorize the company to stop the purchase or keep your account open. (This caller actually just needs your one-time PIN to complete an order for those items.)
- The caller explains that the company will send someone to your home to retrieve the items or offers a shipping label to “return” the items to the company. (However, the address on that label is really one the bad guys can access to retrieve the fraudulently purchased items.)
In this type of scam, called the Man in the Middle, the bad guy already has your account username and password, giving them access to account information like your shipping address. He likely got your information through malware on your computer.
Take these steps to better protect yourself against fraud:
- Do Not Share a one-time PIN: AT&T will not call and ask for your one-time PIN. Keep any passcodes, passwords and PINs to yourself.
- Use Malware Protection: Protect your information from the start. Keep your anti-virus and malware protection software current and updated. This will help prevent bad guys from getting any personal and log-in information from you in the first place.
- Use Multiple Forms of Authentication: Turn “on” any additional security measures on your online accounts, including security passcodes and authentication methods. Added measures such as these increase protection and help limit access to your accounts. (A PIN is one of these measures, so you still must use it carefully.)
Always remember, if something doesn’t feel right or you think a caller is trying to scam you, hang up immediately. If you get a suspicious email or text, do not reply. If you think you are a target of fraud on your AT&T mobile phone account, you can report it to our Fraud team here. If you suspect fraud on another company’s account, call the customer service number on your bill for help.