An important step in protecting your online accounts begins with your one-time PIN. If someone calls you and asks you to read a one-time PIN you just received, this is a sign a scammer is at work.

The one-time PIN you get is meant to help authorize account access, changes, or equipment and service purchases. Bad guys want to use your account to steal money from you or the company. They need the one-time PIN to do it.

Phone with a push notification saying "we won't call and ask you to confirm a one-time PIN"

Here is one common example of how this works:

  1. You get a call saying there are fraudulent purchases on your account for equipment that is being shipped to you. (The caller is actually a bad guy who does not work for the company.)
  2. The caller asks you to give him the one-time PIN to authorize the company to stop the purchase or keep your account open. (The caller really wants to use the one-time PIN to complete an order for those items.)
  3. The caller explains that the company will send someone to your home to retrieve the items or offers a shipping label to “return” the items to the company. (However, the address is really one the bad guys can access.)

In this type of scam, called the Man in the Middle, the bad guy already has your account log-in and password, giving access to account information like your shipping address. He likely got your information through malware on your computer.

Take these steps to better protect yourself against fraud:

  • Malware Protection: Protect your information at the very beginning. Keep your anti-virus and malware protection software current and updated. This will help prevent bad guys from getting any personal and log-in information from you in the first place.
  • Use Multiple Authentication: Turn “on” any additional security measures on accounts, including security passcodes and authentication methods. Added measures such as these increase protection and help you control access to your accounts. (A PIN is one of these measures, so you still must use it carefully.)
  • Do Not Share a PIN: AT&T will not call and ask for your PIN. Keep any passcodes, passwords and PINs to yourself. 

If you think a caller is trying to scam you, hang up. If you get a suspicious email or text, do not reply. If you suspect you are a target of fraud on your AT&T mobile phone account, you can report it to our Fraud team here. If you suspect fraud on another account, call the customer service number on your bill for help.

HTML Editor Component
*Contents may not have visible height

Code snippet: Cyber Aware Custom CSS & JS