In its latest security alert, the Federal Bureau of Investigation (FBI) warns U.S. citizens that those who have shared their phone numbers online could be affected by a Google Voice authentication scam. According to the Agency, hackers search for active phone numbers in all possible sources, including social networks, sales platforms and job boards.
Google Voice is a telecommunications service from Google launched on March 11, 2009, after acquiring the GrandCentral service. By October 2009, Google Voice had approximately 1.4 million users, of which 570,000 used the service 7 days a week.
In cases of a successful attack, threat actors will set up a Google Voice account in the name of the affected users, in addition to trying to take control of their Gmail accounts. For this, hackers contact users posing as customers, salespeople or recruiters and requesting that they verify their identity by sending an authentication code.
With these simple steps, hackers will try to set up a Google Voice account in the name of the legitimate user, so that they could access their online platforms are required to interact further with the user, thus deploying subsequent malicious campaigns.
Faced with this situation, the FBI recommends that affected users consult Google’s support website to find a remedy and regain control of their account, in addition to disabling the Google Voice account if necessary. The authorities also issued a series of recommendations to prevent this attack:
- Do not share Google verification codes with others under any circumstances
- For online sellers, it is best to always deal with potential buyers in person. If you need to make any electronic transactions, be sure to use legitimate payment processors
- Never share your email address to buyers or sellers doing business over the phone
The campaign is still active, so potential victims are advised to remain alert to possible actions by hackers.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.