Other ways to search: Events Calendar | UTHSC

SPAR – Cybersecurity Scam of the Week – Google Voice Authentication Scams


Google Voice is a service where Google provides you with a virtual phone number so you can make and receive calls and texts.

Here is what scammers are doing. They reply to an ad, such as selling something on craigslist or finding a lost dog. They say they want to make sure you are legitimate, so they send you an authentication code from Google. You receive that authentication code in the form of a call or text. You repeat the number back to them, proving you are a real person.

What is really happening is the scammer is setting up a Google Voice account in your name using your real phone number as verification. They can use that Google Voice account to conduct any number of scams against other victims that won’t come back directly to them. They can also use that code to gain access to, and take over, your Gmail account.

Here are some ways to avoid getting scammed in the first place:

  • Never share a Google verification code with others.
  • Only deal with buyers, sellers, and Fluffy-finders in person. If money is to exchange hands, make sure you are using legitimate payment processors.
  • Don’t give out your email address to buyers/sellers conducting business via phone.
  • Don’t let someone rush you into a sale. If they are pressuring you to respond, they are likely trying to manipulate you into acting without thinking.

If you believe you are the victim of an online scam, report it to the FBI’s Internet Crime Complaint Center at www.ic3.gov or call your local FBI office.

What else has been reported to abuse@uthsc.edu this past week?

  • [Ext] SUBSCRIPTION ID NOR10012022JM – same phishing attempt we see every week, a Norton auto-renewal scam
  • [Ext] Billing confirmation email – another Norton scam
  • [Ext] ACH-#5380 Authentication – wanting the recipient to open an attachment, the From field said “utshc.edu-Admin”, but it was from an external email address.
  • [Ext] TRANSIT:ID:#LDJ02454H04_66 – another attempt to have someone open an attachment they weren’t expecting

Keep reporting suspicious emails to abuse@uthsc.edu for examination and any other inquiries for the Office of Cybersecurity should be directed to itsecurity@uthsc.edu. Remember that widespread phishing emails will also be reported to the Phishbowl.