Responds

How scammers are tricking people to share verification codes 

Scammers are using Google Voice to try to obtain multi-factor authentication codes so they can gain access to your account.

NBC Universal, Inc.

Google Voice is a popular application that allows you to make calls and texts over the internet. But the app needs to be linked to an actual phone number to work. It’s why criminals have developed elaborate scams, tricking you into giving them multi-factor authentication codes so they can gain access to your account. 

And when they do, they can make calls that appear to be coming from your number while they stay anonymous.

Watch NBC6 free wherever you are

Watch button  WATCH HERE

It's not a new scam but experts say it’s on the rise.

Eva Velasquez is the CEO and president of the Identity Theft Resource Center (ITRC). She said that despite years of warnings about this type of scam, people continue to fall victim. 

Get local news you need to know to start your day with NBC 6's News Headlines newsletter.

Newsletter button  SIGN UP

A recent ITRC report found that 60% of the over 13,000 crimes reported to the organization in 2023, involved the use of Google Voice.

Velasquez says stopping the scam starts with people protecting their multi-factor authentication codes. 

“In terms of Google Voice, this one is dependent on you sharing that multi-factor authentication code. So the key takeaway here is, I don't care how legitimate sounding the reason is, you don't share that with another,” she said.

But if you do fall victim and an imposter gets access to your account, Google has made it easier to get your number off that account. 

If you go to Google Voice help on Google, you will see a tab labeled “protect your verification code” and then you will see an option to disconnect your number. 

After entering your telephone number, you will be given an access code that you can enter to disconnect your phone number. 

Velasquez says their research shows victims of all ages are being impacted by identity theft related scams.

She says this should be a reminder to be vigilant and use tools like multi-factor authentication correctly. 

“That is for you to use to log in to a website. It is not to send to someone else…What you're essentially doing is giving away that lock. It's a lock that you have on your account where you are the only one that has the key and once you give that to other people, you've essentially given them the key.”

NBC6 reached out to Google for this story and we didn’t hear back. 

But in the past, a Google representative told NBC6 Responds – that “Google takes action for abuse of its services…” and the company “has a team that investigates complaints of fraud and scams that it receives from law enforcement.” 

You can report scams directly to the Federal Trade Commission using this link:

ReportFraud.ftc.gov

Contact Us