We consider a single-cell massive multiple-input multiple-output (MIMO) system in which a base station (BS) with a large number of antennas simultaneously transmits to K single-antenna users in the presence of an attacker. Massive MIMO systems often operate in a time division duplexing (TDD) fashion. The BS estimates the channel state information (CSI) at receivers based on their uplink pilot transmissions. Downlink transmission rates are highly dependent on these estimates, as the BS utilizes the CSI to exploit the beamforming gain offered by massive MIMO. However, this CSI estimation phase is vulnerable to malicious attacks. Specifically, an attacker can contaminate the uplink pilot sequences by generating identical pilot signals to those of legitimate users. We formulate a denial of service (DoS) attack in which the attacker aims to minimize the sum-rate of downlink transmissions by contaminating the uplink pilots. We also consider another attack model where the attacker generates jamming signals in both the CSI estimation and data transmission phases by exploiting in-band full-duplex techniques. We study these attacks under two power allocation strategies for downlink transmissions. Our analysis is conducted when the attacker knows or does not know the locations of the BS and users. When the attacker does not have perfect location information, stochastic optimization techniques are utilized to assess the impact of the attack. The formulated problems are solved using interior-point, Lagrangian minimization, and game-theoretic methods. We obtain a closed-form solution for a special case of the problem. Our results indicate that even though the attacker does not have the perfect location information, proposed pilot contamination attacks degrade the throughput of a massive MIMO system by more than 50%, and reduce fairness among users significantly. In addition, we show that increasing the number of pilot symbols does not prevent the proposed attacks, if the BS uniformly allocates powers for downlink transmissions.