Phishing expedition at heart of AT&T hacking
"What AT&T didn't say in its press release is that the stolen info for an unknown portion of about 19,000 customers was immediately put to use as part of an unusually deceptive phishing scam.
Each message included a legitimate order number culled from the AT&T vendor's database to create an illusion of authenticity. Messages also included the recipient's home address and the last four digits of his or her credit card number."
http://sfgate.com/cgi-bin/article.cgi?f=/c/a/2006/09/01/BUGVBKSUIE1.DTL
"What AT&T didn't say in its press release is that the stolen info for an unknown portion of about 19,000 customers was immediately put to use as part of an unusually deceptive phishing scam.
Each message included a legitimate order number culled from the AT&T vendor's database to create an illusion of authenticity. Messages also included the recipient's home address and the last four digits of his or her credit card number."
http://sfgate.com/cgi-bin/article.cgi?f=/c/a/2006/09/01/BUGVBKSUIE1.DTL