Scammed out of $130K via fake Google call, spoofed Google email and auth sync
6 hours ago
- #phishing
- #cybersecurity
- Received a phishing call from someone claiming to be from Google Support, who sent a seemingly legitimate email from an @google.com address.
- Shared a verification code in panic, leading to the attacker gaining access to Gmail, Google Drive, Photos, and Google Authenticator codes.
- Attacker drained the Coinbase account, resulting in a loss of approximately $80,000 (now worth $130,000).
- Google's security flaws included allowing phishing emails from '@google.com' and enabling Authenticator cloud sync by default.
- Advice includes changing passwords, never sharing verification codes, being cautious with Google Authenticator cloud sync, and being skeptical of unknown calls.
- Suggested alternatives to Google services include using Brave or Tor Browser, alias email services like simplelogin.io, and secure platforms like proton.me.