FTC Identifies New Hacking Tricks

Written By Haley Metteauer

On October 27, 2021, the Federal Trade Commission (FTC) issued warnings to companies of two new hacking tricks — the Fake Email Alert and the Google Voice Scam Alert.

The Fake Email Alert

According to the Fake Email Alert, scammers are sending fake IRS emails  offering email recipients a third Economic Impact Payment (EIP).   By clicking on the link in the email and providing the requested personal information, the recipient enables the scammer to commit identity theft, just like many of the classic government impersonator scam.

In attempting to assess whether or not an attempted correspondence from the IRS is legitimate, the FTC warns that “the government will never call, text, email, or contact you on social media saying you owe money or offer help in getting a third Economic Impact Payment.” The FTC further recommends that a recipient of any of these types of emails should visit the IRS's website directly for trustworthy information on EIP payments.

The Google Voice Scam Alert

The Google Voice Scam Alert is reportedly a coordinated effort to steal telephone numbers by targeting people who have posted items for sale, are missing pets, or have otherwise posted information online, seeking others to respond and contact them. The scammers use this public posting as a means to suggest that the original poster is not “real” and to request a verification code sent by Google to confirm the poster's identity. The FTC warned that if the original poster utilizes the verification code, the threat actor may then create Google Voice telephone numbers linked to the original poster's telephone number. The scammer may then use the new Google Voice telephone number to falsely list items for sale and take advantage of internet consumers on an account associated with the original poster’s name.

To prevent these types of attacks, the FTC provides the following recommendations:

  • Do not share the Google verification code sent to your phone with anyone. If hackers don't know your code, they are less likely to be able to access your information.

  • If you gave someone a Google Voice verification code, follow these steps from Google to reclaim your number.

  • Don't share sensitive personal information with anyone without first verifying the recipient.

Any recipients of these potential scams and hacks should report the occurrence to the FTC via their fraud reporting portal. If you have any questions or concerns regarding this new information, please contact Kennedy Sutherland.

Haley Metteauer
Previous

House Financial Services Subcommittee Held Hearing on Cyber Threats
Next

FBI Issues Warning That M&A Transactions at Risk for Ransomware Attacks