Skip to content

At The Identity Organisation, we're here to help!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Beware of a New Google Voice Authentication Scam – Even if You Don’t Use Google Voice!

    FBI Warns of Financial Extortion

    A new advisory warns of a scam that can affect literally anyone designed as a precursor to additional vishing scams and/or to perform Gmail account takeovers.

    If you’re unfamiliar with Google Voice, it is a service where Google provides you with a virtual phone number so you can make and receive calls and texts. Assuming you are unfamiliar with it, you may be wondering what’s all the excitement about?

    According to a new FBI advisory entitled “Building a Digital Defense Against Google Voice Authentication Scams”, the FBI outlines a scam that involves a threat actor responding to a personal ad – they use the example of selling a couch on craigslist or some other site – and says they want to make sure you are legitimate so they don’t get scammed by sending you an authentication code from Google.

    What’s really happening is they scammer is setting up Google voice using your phone number as the primary number and using you to assist them with Google’s authentication process during setup. Once completed, the threat actor has a new Google Voice account tied to your mobile phone, so they can carry on without worrying about having it tied to their phone. Additionally, the code being sent could be purposed to allow them access to reset the password to your Gmail account.

    Organizations relying on Gmail for corporate email should be specifically concerned about the ramifications of such a scam; with access to one of your internal email accounts, threat actors can easily spray out phishing emails designed to provide endpoint access or install ransomware.

    Users should be educated about this and other such scams using ongoing Security Awareness Training. Through repeated exposure to phishing and scam scenarios, users build up a sense of vigilance against these kind of attacks, spotting them instantly, and reducing the organization’s risk of successful attack.


    Request A Demo: Security Awareness Training

    products-KB4SAT6-2-1

    New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/one-on-one-demo-partners?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top