Scams have been around for a long time. Unfortunately, as technology has continued to advance, scams have evolved to keep up with the times. What started out as physical junk mail and pyramid schemes eventually turned into robocalls and email phishing.
You’ve probably heard about the basics of defending yourself against these scams. You should never answer calls with a number you don’t recognize, respond to an email from an unverified source, or give out any passwords to anyone.
The problem is that hackers are creating scams that are harder to spot. So, what exactly does it mean when you receive a random verification code text message? We’ll discuss everything you need to know about these potential scam messages and what you need to know to protect yourself.
Prevalence of Text Scams and Why They Are So Effective
Text scams have become more and more common, reflecting the rapid technological advancements of our times.
Decades ago, scams were mostly confined to junk mail and pyramid schemes. However, nowadays, scams have evolved into more sophisticated forms, such as robocalls and email phishing. There are even text-based scams that come in over MMS or SMS.
According to data, text scams have seen a significant rise in recent years. For instance, in 2018, an individual would receive an average of 8.5 spam texts per month. By 2021, this figure had nearly doubled, jumping to approximately 16.9 messages per month. This increase showcases the surge in the activities of scammers and their growing preferences for text messaging.
The 2021 statistics are quite alarming when put into context, with almost 60 million Americans falling victim to scams. The average money lost per scam was around $500, which amounted to nearly 30 billion dollars. The magnitude of these figures underscores the importance of taking protective measures against phishing scams.
The question is, why are text scams so common, and why do people fall for them so easily?
Why Are Scams So Common?
One reason is the inherent trust people tend to place in text messages. Unlike emails, which have been long associated with spam and phishing attempts, text messages are often seen as more personal and secure. This can make users less suspicious and more prone to falling for scams.
Scammers exploit this trust by designing messages that appear legitimate, often impersonating reputable businesses or government agencies. These messages typically create a sense of urgency, asking recipients to respond quickly to keep them from examining the message too closely.
For instance, a message might warn of a compromised bank account or a package that needs confirmation, pressing the recipient into clicking a link or providing sensitive information.
The widespread use of cell phones also contributes to the rise of scam texts. As smartphones have become a staple of our time, so have scammers. They can send out thousands of messages to thousands of mobile numbers at once, increasing their chances of ensnaring unsuspecting victims.
People also fall for scams because of a lack of awareness about the crafty methods employed by scammers. This is especially true for those less familiar with technology, such as the elderly. Education about the telltale signs of scams and how to respond to them is key in combating this issue.
What Is Two Factor Authentication?
Two-factor authentication (2FA) is one of the most popular ways to create an additional layer of security for online accounts, including your Apple or Microsoft accounts. Single authentication will grant access to your account as soon as you enter the username and password. 2FA requires another piece of information before granting access.
The requested information typically falls under one of the following categories:
- Knowledge: This is usually information that only you should know, such as a personal identification number or an additional password. In most cases, the secondary password is the answer to a personal question that no one else should know. Common questions typically include: “What is your mother’s maiden name?” “What was your first car?” “What is the name of your first pet?”
- Possession: These are usually items that only you can access, such as your cell phone, email, software, or credit card. In the old days, businesses would require hardware tokens to grant access to their sensitive information. A key, flash drive, or disk could be required to allow entry. For obvious reasons, physical items aren’t very common for everyday online security.
- Body parts: It might sound like something from a science fiction novel, but various parts of your body can be used as a security layer. A biometric pattern of your fingerprint, iris, face, or voice can be used to unlock your accounts. These are becoming much more common as smartphone technology easily facilitates all four of these options.
How Does a Verification Code Scam Work?
Most websites and online accounts recommend that you enter your personal phone number. The reason is so they can easily set up the most common type of 2FA: an SMS text message. While these businesses mean well, it’s never a good idea for you to give out your mobile phone number.
Unfortunately, there are a few different types of verification code scams used by cybercriminals. It can be difficult to identify these scams, especially for people who are over-trusting or unfamiliar with technology, such as children or the elderly.
The Google Voice Verification Code Scam
One common scam is known as the Google Voice verification code scam. There are a few variations, but it’s always used on people who have listed something for sale online.
Let’s say that you recently listed something on Craigslist, eBay, or Etsy and posted your phone number in your contact information. The scammer would have your phone number (which is not good) and would text you regarding the item.
They would send a message saying something like: “Hello, I’m interested in (the item) and would like to buy it if it’s still available. First, I want to make sure that you aren’t a scammer. I’m going to send you a Google verification code to prove that you’re a real person.”
The text message that you receive will contain a six-digit code. If you send them the code, the scammer will then attempt to create a new Google Voice account with your phone number. If successful, the scammer will now be able to use your number to make calls, send texts, or receive 2FA verification codes from your online accounts.
They can use this account to hide their identity while they scam other victims or sell the account to cyber criminals and hackers for profit.
The Leaked Information Verification Code Scam
Fear is a powerful motivator and can make you react without thinking. Even the most secure online accounts can be the victim of data leaks, breaches, and exposure of information. This includes trending apps like WhatsApp, TikTok, Gmail, and other social media accounts.
These data leaks can commonly result in spammers getting ahold of your username and password. The last piece of their criminal puzzle is to get your authentication code.
The easiest method is for them to send you a phishing text message saying that your account has been compromised. A lot of these messages will really lean into the fear and sound something like this: “ALERT! Your account has been BREACHED! Please reply to the following authorization code to confirm your identity!”
The scammers will then attempt to log in to your online account, which will trigger the 2FA verification code being sent to your phone. Things will move very quickly if you text the authorization code to the number that sent you the first message.
The hackers will enter the code and be granted access to your account. They’ll immediately change the password and login information so you are locked out of the account and at their mercy.
Get a Second Number To Stay Safe
There is nothing to gain from using your real number online. Even if it doesn’t feel like it, your personal phone number is a sensitive part of your identity. Using a second number online is an easy way to build another wall between you and scammers.
Downloading Burner will provide you with a second phone number and keep you safer online. Entering this number online will keep your personal number private. In the event that your number is compromised online, you can simply “burn it” and get a new one. The number will be completely useless to any scammers or hackers.
Visit Burner today to enjoy a free seven-day trial and learn more about how to stay safe online.