This latest scam can give hackers instant access to your Google accounts, and make it easy for them to read all your email, log into YouTube and other Google owned properties, and easily access your banking, PayPal, and Amazon accounts
There's a new scam going around that gives hackers almost instant access to your Google and other accounts. It is easy to fall for, even if you are cautious and take steps to keep scammers out of your life.
Here's how it works.
You get a text message claiming to be from Google.
The message says,
"Google has seen suspicious activity on your Google Account. To verify that you are the actual account holder, Google will send you a text message.
When you get the text message, enter the six-digit authorization number in your text reply.
"
This text message looks real and there is no reason to believe it is not from Google.
You'll immediately receive a second text from Google that looks something like this:
The above message actually is from Google. And the authorization code in it gives anyone who has access to that code, the ability to change your password at Google and log into your Google account. This gives them access to all your Gmail and other Google accounts.
So if you reply to the first text and give them your authorization code, you have just turned over your Gmail and all Google accounts to the hacker.
The hacker can then use your Gmail account to visit Amazon, YouTube, PayPal, even your bank accounts, and request new login information for those accounts. Those sites will send a confirmation email to the email address provided by the hacker (the one that used to be yours), and the hacker can then change login details at your different accounts and drain PayPal, place orders with Amazon, and send mass emails through Google.
It's so easy to fall for this kind of scam because it looks legitimate and by the time you realize you have been scammed, the hacker has taken control of your Gmail and other accounts changed their passwords and locked you out.
Variations of this hack can occur when you post items for sale on Craigslist. The hacker will send you a text asking if the item is still available. When you reply 'yes', they'll send a follow-up message asking you enter the code they just texted you.
As in the first scam above, the code you are getting is from Google and will give the hacker access to your Google account.
Other variations of this hack include what seems to be invites from Google or YouTube or other sites offering to give you something free, or access to password sites, or to upgrade your account to a higher level.
All you have to do is text them the verification code they (but really Google) sends you.
You may be thinking that anyone with any sense won't fall for this scam. But you'd be wrong.
A quick search on Google for 'Google Verification Scam', will show over six million results. Many of these are messages posted on Google support boards asking how to recover from these kinds of scams.
Google's answer often is, "read the message Google sent with the verification code. It says never share your code with anyone."
Of course, by then, after you have given the verification code to the hacker, it is too late.
In your haste to reply to the first text, you entered the verification code and went on with your life. T
Only later do you discover you can't log into your Google, Amazon, Paypal and other accounts (because the passwords and logins have been changed by the hacker). You immediately contact Google, but without the correct password, Google can't verify who you are neither can Amazon or PayPal or other accounts you have. From that point on, your life takes a nasty turn - one that can cost you a lot of money and months and months trying to regain control of your hacked accounts.
The short video below summarizes how the scam works and what to do if you've been a victim of it.
The clear message is, never reply to a text asking you to enter a number sent to you from Google - unless you personally went to your Google account and requested it. Never give the verification code to anyone. Even if the request looks legit, don't do it. And make sure your relatives and friends don't fall for this scam either. It is easy to do.
About This Site
