By Maribel Velazquez
Aug 12, 2024, 12:43 PM EDT
Scams using verification codes are nothing new, but experts in the field say that hundreds of people fall into this trap every day due to the use of Google Voice, an application that has gained popularity thanks to the fact that it allows people to make calls and send text messages over the Internet.
For the app to work, it needs to be linked to a real phone number, an action that scammers take advantage of to develop elaborate scams, in which they trick you into offering multi-factor authentication codes to gain access to your account.
Once the user provides the code, users receive calls that appear to come from their number, and that is when the scam is committed.
Eva Velasquez, CEO and president of the Identity Theft Resource Center (ITRC), told NBC that despite warnings, people continue to fall victim to these scams, which will not stop if people do not protect their multi-factor authentication codes and stop believing “legitimate calls.”
“When it comes to Google Voice, this is dependent on you sharing that multi-factor authentication code. So the key takeaway here is don’t give a damn about how legitimate the reason sounds, don’t share it with anyone,” he said.
Although the message is aimed especially at adults, given their vulnerability to new technologies, Velasquez indicated that after an investigation launched by ITRC, the results showed that there are victims of all ages, which should serve as a reminder to stay alert and use the multifactor authentication tool correctly.
“This is for you to use to log into a website. It’s not for you to send to someone else. What you’re basically doing is giving that lock away. It’s a lock that you have in your gutter that you’re the only one who has the key to, and once you give it to someone else, you’ve basically given them the key,” Velasquez said.
Tips to avoid being a victim of a scam
While it is true that the ITRC has worked very hard to make society understand the danger to which it is exposed by not carefully handling the multi-factor authentication tool, it is also true that users constantly “fall” for it because the scams are becoming more “subtle” every day.
To avoid unpleasant surprises, Google Voice offers some recommendations, which at first seem very basic, but in the end turn out to be very safe, and which we list here:
- Never respond to requests for your verification code, because Google employees will never ask you for this code
- Protect your verification code. You can do this by clicking on the section where you will be offered the option to “disconnect your number”; then you can enter an access code so you can disconnect your phone.
- Check that your account is protected. You can do this from the top of the page, where you will see a green shield that means your account is protected.
- Double-check your security recommendations: add or update account recovery options, enable two-step verification, remove risky access to your data, and activate screen locks.
- Don’t forget to update your software, otherwise you’ll be giving hackers an entry point to your data.
- Use unique and strong passwords – it’s not enough to use one for all your accounts, because if a scammer gets a hold of one site’s password, they could use it to access all your accounts from multiple sites.
- Avoid applications and extensions that you don’t need, since having several in your browser only makes your security vulnerable. You may need some extensions, but reject any that seem unfamiliar to you.
Continue reading:
* WhatsApp strengthens the security of your chats
* WhatsApp job offer scams: How to spot them and what you can do to avoid falling for them
* This is how you can find out which of your contacts blocked you on WhatsApp