barbazoo 5 days ago

> Be skeptical of unknown calls. If something feels off, hang up and restart the conversation by contacting the company directly.

I wonder sometimes how many scams I've avoided simply by pretty much never answering my phone when someone calls unless I'm expecting a call or it's someone I know.

> The attacker already had access to my Gmail, Drive, Photos — and my Google Authenticator codes, because Google had cloud-synced my codes.

Ugh, google

arethuza 5 days ago | parent | next [-]

I usually don't answer calls from numbers I don't recognise - but a couple of days back it was a scammer claiming to be from Amazon - said I had ordered an iPhone for £600 and was it a real order.

I was pretty suspicious but thought I would get them to authenticate their identity as someone really from Amazon by telling me the last thing I had really ordered was...

I must have stayed on the call for 20 minutes, eventually they ended up swearing at me - all the time I could hear other people in the same room trying the same lines on different people. I have no idea why I stayed on for so long....

unyttigfjelltol 5 days ago | parent | next [-]

Even when you know it’s fake, the whole thing is very disconcerting. I received a scam call ostensibly from a local utility and filed an identity theft report with local police naming the utility as “victim”. The caller even told me where they (probably really) were. Police do nothing, scams continue until something breaks.

arethuza 5 days ago | parent [-]

A few years back I got a call from a scammer selling a device that would help stop scam phone calls - that actually took me a while to realise it was a scam (this is like 15 years ago).

zamadatix 5 days ago | parent | prev | next [-]

Would (the actual) Amazon even agree to provide this kind of information over the phone to someone?

mmmlinux 5 days ago | parent [-]

is talking to amazon on the phone at all even actually possible?

giantrobot 5 days ago | parent | next [-]

That's the easiest way to spot a scam: "Hello this message is from Google customer service..."

nebezb 4 days ago | parent | prev [-]

Yes, and it’s the best way to get support too! They’re real helpful.

galaxy_gas 5 days ago | parent | prev [-]

I get this kind of call about 5-15 times a day

I do not answer calls

arethuza 5 days ago | parent [-]

A lot of them phone me and ask for my wife by name "Can I speak to XYZ" - I usually reply "No" and end the call. Actually, for the last few calls I've not even been saying the "No".

Maybe 3 or 4 of these a day <sigh>

tartoran 4 days ago | parent [-]

You should not even respond to these. Responding gives them some valuable information about your phone number. Just junk it + report as spam.

galaxy_gas 4 days ago | parent [-]

I wonder how this affects modern software stacks that have AI, with the AI Call Screening which will ask questions. You can automatically identify certain dimensions: phone is active, phone has a plan, phone is a Pixel or iPhone with a specific minimum model and OS version?

Then, because of the leak side-channel effect, they can further target future calls, such as ones coming from Google about your problem with "your pixel 9 or 10?"

crawftv 5 days ago | parent | prev | next [-]

The biggest red flag in all these stories is getting a call from a customer support person trying to help you. When it seems like it’s impossible to get ahold of them in a real emergency.

jfim 5 days ago | parent | next [-]

I've actually gotten legitimate calls from the bank, although the correct way to handle those is to say that you won't give any information to them but you'll call them back.

kimixa 5 days ago | parent | next [-]

When my account had a fraud alert they called me just to say I should call them back immediately on the number on the back of my card.

I assumed this was normal.

john_the_writer 3 days ago | parent [-]

This is awesome. Great job your bank..

5 days ago | parent | prev | next [-]
[deleted]
lo_zamoyski 4 days ago | parent | prev [-]

Amazing they would call and request information, given how many institutions advise never to do that.

What a shit show.

speckx 4 days ago | parent | prev | next [-]

I get legitimate calls from my health insurance company. When they call, they are not allowed to say the company they call from, it's a HIPAA thing. Once I say the name of the health insurance company, they will confirm it. It's weird, but it's the way it is now.

e40 4 days ago | parent [-]

My health insurance company asks for me by name (“is this …?”). And it’s to a number they know.

fkskammerz 5 days ago | parent | prev [-]

It doesn't seem to be a red-flag. The caller was calling as an Attorney from Google General Counsel responding to an estate request. They followed up with a spoofed @google.com email with their name corroborating the call.

ghurtado 5 days ago | parent [-]

You're missing the point.

They're saying that the least likely part of the cover story is that Google would proactively reach out to you in order to help you personally with the service you are (most likely) paying zero dollars for, and assign one of their most expensive employees to the case.

golan 5 days ago | parent | prev | next [-]

As of late, I have one rule: Any unknown number I'm not expecting I let it go to voicemail, where I have a message along the lines of: leave your message and your number, and if it's important I'll call you back. The only time I pick up is when I am expecting, say, a delivery, or a doctor's call, etc, and in those cases I'm only expecting to hear about a delivery or a doctor's call, etc. Hoping that can filter and help on this front.

paleotrope 5 days ago | parent | prev | next [-]

I have a 1-2 second rule. I pick up I say hello, if someone doesn't respond in 1-2 seconds, I hang up.

They have the scammers working off phone queues, it takes a little bit of time to get the call to the scammer, who has to start off with a script, so there's a delay.

Remember, the scammer, also likely not a native English speaker, also probably bored out of their mind, has to spin up, they have to read the name, understand how to say it and then say it out loud. There is a mental startup time that a normal conversation doesn't have.

If someone calls you and isn't ready to immediately respond to "hello" it's a scammer.

zamadatix 5 days ago | parent | next [-]

I try to avoid picking up and saying anything because it seems like an advertisement "yes, this number is not only active but a real person who answers random calls - try calling back (possibly from a different number) later".

tejohnso 4 days ago | parent | prev | next [-]

I don't even pick up calls from unknown numbers. I use call screen. Most people hang up as soon as they hear it, or they don't say anything at all. Once somebody did start speaking sensibly about a personal matter and I picked up and continued the call normally. Probably my favourite feature since upgrading to a reasonably modern phone.

https://support.google.com/phoneapp/answer/9118387?hl=en

barbazoo 4 days ago | parent | prev | next [-]

In those 2 seconds, do you count the inevitable preamble of "Hellooooo... Hello? ... Heeeello? Yes now I can hear you." or is that just me?

rightbyte 4 days ago | parent [-]

Whenever I have bluetooth headsets in a 20m radius from my phone I do that too.

aj7 5 days ago | parent | prev [-]

I use a variation of this. I answer but do not speak. A legitimate caller will speak immediately.

craftkiller 5 days ago | parent | next [-]

Not always true. My landlord recently had a contractor call me. I did my usual "pick up and don't say anything" routine for unrecognized numbers, and the contractor silently hung up and never called back. Thankfully my roommate actually answered the call, but pick-up-shut-up prevents legit people from leaving voicemails and sometimes prevents legit people from reaching you entirely.

Personally, I would utter a confused "hello?" if I was calling someone, the ringing stopped, and no one said anything, but I guess not everyone would.

brewdad 4 days ago | parent | next [-]

I could easily see someone like a contractor calling from the road or otherwise not paying full attention to their phone. They likely never realized you answered and needed the "hello" to refocus their attention.

lo_zamoyski 4 days ago | parent | prev [-]

Let it go to voicemail.

nerdsniper 4 days ago | parent | prev [-]

As with 'craftkiller, I've noticed that I do need to make some kind of noise. I've settled on subtle light coughs or grunts (nothing anyone would think twice about, but which will definitely trigger a "oh this is a human!"). I figure it might still fool some percentage of automated systems which detect whether a human (and which human) is actually there or not based on automated transcription.

mihaaly 4 days ago | parent | prev | next [-]

In my experience organizations providing services to me for money nowadays usually just send mail instructing me to call a central number where I can be in the 15th place of the call queue. In case they call they do whenever they please, which is the most inopportune occasion in most cases (in the loo, in transit, in a conversation, basically busy with life!). In best case leaving a message mumbling quickly in a sound quality sounding like sitting in a bucket in ungoverned Afghanistan, with the suspected sense of calling them back on the central number (incomprehensible).

Getting a proactive call for my benefit would make me very suspicious about the authenticity of that call!

atm3ga 5 days ago | parent | prev | next [-]

I've set my phone to not answer unknown callers (those not in my address list) and more importantly, I've done this for my parents as well and further instruct them as often as possible to not believe anything they get in email. With all of this, my mom still will reach out at least once or twice a year in a panic about some scam email she thinks is real.

general1465 5 days ago | parent | next [-]

Well easy to say, but if you are working in the real world, then unknown callers may be important - i.e. FedEx trying to push your package through the customs and if they can not contact you, your package goes either back or is destroyed.

yulker 4 days ago | parent [-]

Legitimate callers for events you initiated leave messages. The correct avenue for critical notifications not initiated by you is still paper mail.

RHSeeger 4 days ago | parent [-]

But your child's school nurse might not, in an emergency.

yulker 4 days ago | parent | next [-]

Your child's school nurse would be exactly the type of person who would leave a message

brewdad 4 days ago | parent [-]

Not necessarily. Ours would work down the list of numbers she had for me, my wife, and other emergency contacts without leaving a message. My wife got pulled out of a meeting at work once despite me being the parent at home because I missed a call from the school and they didn't bother to leave a message.

john_the_writer 3 days ago | parent | prev [-]

They might not.. But you'd very likely have their number saved on your phone. Might even have them as an un-mutable contact. My wife/kids and their school are all on the "never mute" list.

RHSeeger 2 days ago | parent [-]

> But you'd very likely have their number saved on your phone.

I certainly don't. Every call I get from the school seems to come from a different number. And the camp she was at when she hurt her leg and had to be taken for immediate medical attention.

I get it, in your world, in your experience, it all works out. But in mine, it just doesn't. From experience, I _know_ this is true.

atlanta90210 5 days ago | parent | prev [-]

If you have an iPhone, the latest iOS 26 will answer unknown numbers not in your address book for you and ask what they want and then alert you to see if you want to take the call.

throwaway7783 5 days ago | parent | prev | next [-]

I didn't quite understand this part. Attacker has access to Google accounts because Google had cloud-synced my codes? What does that mean?

riffraff 5 days ago | parent | next [-]

The other way around.

The attacker had access to the Google account which includes passwords from Chrome and also the 2fa codes stored in Google Authenticator, because those were synced to Google without the author noticing it.

So with passwords and 2fa the attacker could login to Coinbase too.

remus 5 days ago | parent | prev [-]

They gained access to the Google account by stealing the verification code over the phone, but then they had easy access to other accounts (e.g. Coinbase) because they had access to 2FA codes because Google Authenticator was backed up to the user's Google account.

throwaway7783 5 days ago | parent [-]

Ah, makes sense. The victim was social engineered first.

prawn 4 days ago | parent | prev | next [-]

“never answering my phone when someone calls unless I'm expecting a call”

Friend’s mother got scammed. She’d contacted tech support and they said they’d call back. Then a scammer just happened to call her within that next hour…

everybodyknows 4 days ago | parent [-]

Call center worker with a sideline business?

prawn 3 days ago | parent [-]

Tech support scam calls are common enough that I'd believe it just being coincidental timing.

thebytefairy 4 days ago | parent | prev | next [-]

> Ugh, google

In my experience most authenticators cloud sync automatically, at least on iOS. For most people, this is a benefit. Otherwise, lose your phone and you're stuck, I doubt most people secure recovery codes properly either.

pc86 5 days ago | parent | prev | next [-]

> I wonder sometimes how many scams I've avoided simply by pretty much never answering my phone when someone calls unless I'm expecting a call or it's someone I know.

The answer is almost certainly greater than 0.

AJ007 5 days ago | parent | prev | next [-]

If you have to use a phone, at minimum disable notifications and never answer it. First it removes all of the urgency. Second, the caller has to provide some way for you to contact them, which gives you a second point of contact to validate.

Never, ever, use a cloud password manager, that's just dumb. Combining these things together in some sort of master account -- be it Google, Apple, Microsoft -- is also terrible. It's like leaving all of your savings accounts, checking, and investments at a single bank.

All of this stuff is going to get way worse because of AI. You'll be talking to real people you know personally who are 100% not AI but were tricked into asking you to do something by other AI enabled scammers. However aggressive I've suggested people be in the past probably isn't going to be enough for 5 years from now.

These things have always been possible, and have been done, but now they can be done at scale, with advanced testing to figure out what works on who, whereas before it was targeting the guy who kept posting pictures of expensive watches on his public Instagram.

pavel_lishin 5 days ago | parent | next [-]

> If you have to use a phone, at minimum disable notifications and never answer it.

Great advice for someone who doesn't have children or family members with health conditions.

GoatInGrey 4 days ago | parent [-]

The charitable interpretation is that they meant to not answer a call from someone not already in your contacts.

drillsteps5 4 days ago | parent | prev [-]

> Never, ever, use a cloud password manager, that's just dumb. Combining these things together in some sort of master account -- be it Google, Apple, Microsoft -- is also terrible. It's like leaving all of your savings accounts, checking, and investments at a single bank.

Do people actually downvote this? Seriously???

vehementi 4 days ago | parent | prev [-]

It's honestly irresponsible to pick up phone calls at this point. Phishers are really good, and every human has some weakness, so you can't guarantee you wouldn't fall for something -- perhaps one day a new vulnerability comes out and your old guidance is no longer perfect. Answering the phone at all is just putting yourself at risk