- cross-posted to:
- [email protected]
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
- [email protected]
cross-posted from: https://lemmy.dbzer0.com/post/36237226
You must log in or register to comment.
The call would have ended the second they they told me they’re from Google.
Google does not call you.
I guess that depends. On GitHub it sounds like the victim is a paying customer of Google Workplace, not just some free account. I had similar genuine calls from hotels, credit card companies, an ISP, my electricity provider etc.
So yes, there are some signs that might make you suspicious, but I guess we agree that this was not just a regular everyday scam but a pretty professional, well-prepared and possibly targeted attack.
Anytime this happens, hang up and call a known company support number
Don’t misdial or you might be connected to the ‘savings line’
Interesting
The thing that’s crazy is that if I followed the 2 “best practices” of verifying the phone number + getting them to send an email to you from a legit domain, I would have been compromised.
Since when was “verifying the phone number” a best practice? Phone number spoofing is still a thing and trivial to do, which is why the best practice is to call back once you verify the phone number matches whatever the company lists (or, preferably, call their main number).
