The Google Voice Verification Scam That’s Creating Malicious Accounts

With billions of users worldwide, Google has recently been alerting customers about verifications they’re getting. Millions of users have reported (especially around the holidays and into the New Year) that they have received Google verification text messages non-stop regarding their accounts. This text message scam has been going around for a while, but it’s getting much worse.

 

What Is The Google Voice Verification Scam?

 

The Google voice verification scam is an attempt by fraudsters to gain access to a person’s Google account. The scammer will contact the potential victim via phone, email, or text and claim to be from Google. They will then try to convince the victim to provide them with their Google Voice verification code. Once the scammer has the code, they will access the victim’s account and potentially steal personal information or hijack it. It is important to be aware of this scam and to never provide your verification code to anyone unless you are sure that it is a legitimate request from Google.

 

Be wary of unsolicited requests for your code, and never click on any links they provide. If you are ever unsure, contact Google directly to verify the request. Even if you never created a Google Voice account, this scam is going around to help hackers gain access to your Google Account, ultimately setting up your Google Voice account. It has a simple link that looks like a Google short-link, but it gives hackers access to your account.

 

Many people have mentioned that they’ve received a google verification code on their mobile phone, even though they haven’t done so. Many users will see the message “Google is trying to add this device to your list of devices and needs you to confirm your number.” It is followed by a random sim link that verifies whatever device you connect.

 

What Does This Mean If I Receive This Message?

 

This means one of a multitude of things.

1. Someone, somewhere, is trying to use your phone number to issue themselves a Google Voice number – making your phone number the forwarding number.
2. You (or someone else) are trying to log in from a device that Google has not authorized. If you’re sitting doing things as usual, and you and nobody else doing this that you know – this means that someone out there is doing so without your permission.
3. Someone is trying to steal your identity and log into your Google Gmail email.
4. Someone may be trying to connect their Craigslist account using your phone number, which would make you responsible for illegal things that they do.
5. Someone is trying to steal your identity to use your phone number – ultimately signing up for something so they can pretend to be you.

 

If you click this link, the victim can provide instant access to the hacker to log in to their email, Google Voice, and all other Google apps. While it’s been happening for a long time, NortonLifeLock recently noticed and has documented the trend as a legitimate scam/cyberattack technique.

 

Why Is This So Dangerous?

 

Many people with a mobile phone wouldn’t think twice when receiving a confirmation message from Google. During the data breach, this scam is the equivalent of someone trying to dress up as someone important to you. When questioned by an authority figure, many people wouldn’t think twice and would go ahead and give that police officer their information. Worse, using this scam is a way to exploit Google’s recovery system.

 

What Should I Do?

 

First, you should register and add your phone number and a recovery email address that isn’t well known to the public. This will help you maintain your information even if someone tries to steal your account.

 

Secondly, do NOT (we cannot repeat this enough) text your security code or even click on the authorization link if there’s one in the text message. They will end up pretending to be Google and asking for your code, and then they’ll try to text you asking for the code.

 

If you’ve texted back to the number the security code, or even if you have clicked on the authorization link, then you need to act fast. Quickly change the password to your Gmail and Google account before the attacker can lock you out of it.

 

If you haven’t created a Google Voice number, you need to create a Google Voice number by clicking the link and getting one. When asked for a forwarding number, make sure you enter a number (not the number that the scammer stole), such as a family member’s or spouse’s number, to have it as a forwarding number. You can permanently remove this number later if needed.

 

You may enter this code when you receive the Google Verification request that YOU approved and requested. DO NOT do this for confirmation requests other than the one you have made.

 

Go to https://voice.google.com/settings and click the blue circle. You can now enter your scammed phone number as the forwarding number you wish to add. If you try to reclaim this number that hasn’t been used in the past, more than likely, you’ll get a message that states that your number is in use on another account and you need to reclaim it. Take your number back, and your phone number will be removed from your account.

 

The Final Conclusion

 

While it’s easy to have this happen to anyone, having the right cybersecurity on your work and home devices is essential to protect your business. Suppose you ever receive ANY text message claiming to be from Google, Microsoft, or a government office that you didn’t try to link your phone to. In that case, you need to treat this information as completely confidential – and realize that you are acting as a firewall for your device by ignoring these unrequested messages.

 

Failure to do so could result in your identity being stolen, and your phone number’s security code should be treated as you would an SSN or other pertinent information. And always change your password if you think your google has been broken into.