Today's story features interviews with two recent cryptocurrency heist victims (one who lost > $4.5M) who were hit by the same scammers. The fraudsters used:

- Google Assistant to automate outgoing calls to victims warning of a security incident with their account, and to press 1 to speak to a rep;

- An email from google.com warning about an email hacking incident, including the name and phone number of the Google rep who will be calling. The alerts were sent via Google Forms, which makes them come from google.com.

- Victims were convinced someone had taken over their accounts when they received an alert pop-up on their mobile from Google, asking if they were trying to recover access to their account. By this time, the victims were convinced they were talking with Google, and clicked "yes, it's me" trying to recover access:

How to Lose a Fortune with Just One Bad Click

Adam Griffin is still in disbelief over how quickly he was robbed of nearly $500,000 in cryptocurrencies. A scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click “yes” to a Google prompt on his mobile device.

krebsonsecurity.com/2024/12/ho

@briankrebs I would have stopped the process at the point where a "Google rep" is supposed to call me. I can't imagine that Google employs people who call users. This is not very plausible.

Cassandrich

@jzakotnik @briankrebs Clicking yes to a prompt on mobile is a complete non-starter. Even allowing that kind of "2FA" (bad 1FA) to exist is a non-starter. With a deGoogled device it's not a thing.