A Google Voice Scam:
- Google Voice is a cloud service that allows you to use a single phone number that can forward calls to multiple phones
- It allows you to keep a single number as you change service providers, jobs, or homes, etc.
- You can also use Google Voice to make calls or send text messages from a PC
- A Google Voice scam had appeared where scammers contact you with a pretense and then say they want to verify you
- They sent a text with a Google Voice verification code then ask for the code
- If you provide the code, they create a Google Voice account connected to your phone
- They can then use that account to launch attacks connected to you and/or impersonate you
- If a fraudulent account has been created in your name, you can attempt to reclaim is following the steps found here:https://support.google.com/voice/answer/159519?hl=en#zippy=%2Cyour-linked-number-was-claimed%2Cyour-google-voice-number-was-reclaimed
- Bottom line, don’t share your Google Voice verification code or any verification code (or password)
- Report fraud at ReportFraud.ftc.gov orwww.ic3.gov
Use a DNS Service to help block attacks and objectionable content:
- The Domain Name System (DNS) translates human readable domain names to IP addresses
- Your ISP assigns DNS servers for you, but they are often not the best choice
- A DNS lookup averages of 32 milliseconds and a single web page may require dozens of DNS lookups
- DNS services can offer speed, privacy and safety including protection from known malicious sites and content filtering
- You can set your router or a single device to use a DNS service
- Some of the best include:
- Cisco OpenDNS:https://www.opendns.com/home-internet-security/
- Cloudflarehttps://1.1.1.1/
- Quad9:https://www.quad9.net/
Texts lead to voice phishing:
- Smishing is phishing via text messages
- The texts normally include a link to a spoofed site that tries to steal personal information and/or installs malware
- Smishers are now sending texts without links that warn of things like suspicious activity in your bank account
- The texts will ask you to respond and when you do, the attacker will call you to continue with the scam during the call
- In some cases, the attackers don't to log in to the victim’s bank account, they use the stolen information to create financial accounts in the victim’s name for stolen funds
- In one case a victim didn't hang up on the scammers. He put them on hold and called his bank on another line and their customer support said they were talking to him on the phone
- What he didn't know was that the scammers were impersonating him on the phone at the same time. He continued talking to the scammer and got scammed
- Per Brian Krebs "When in doubt, hang up, look up, and call back"