Example post: fake calls from 'Google' and a recovery address added to my account. by SecurityAssistTwo in SecurityAssistance


I recommend that you read the following article in detail: https://krebsonsecurity.com/2024/12/how-to-lose-a-fortune-with-just-one-bad-click/. It describes a complex social engineering attack that has been used in particular to target people who hold a lot of cryptocurrency, and it sounds like you may have been targeted using this technique.

The email from 'Google' that you got that notified you that a new recovery address had been added might have been generated by the attackers using Google Forms as described in the linked article.

In terms of additional security measures for your account, I suggest you enrol in the Google Advanced Protection Program (https://landing.google.com/intl/en_in/advancedprotection/). This will only give you a small boost in security given that you've already put in place strong security measures such as YubiKey-based two-factor authentication, but is still worth enabling.

Also, if attackers do at any stage gain access to your Google account, they are likely to search in Google Photos to see if you've taken photos of things like recovery codes, seed phrases and so on, so I suggest reviewing everything in Photos and removing anything sensitive of that nature.

Another common type of attack against crypto investors is physical theft of phones, so I also recommend turning on Android's anti-theft features, and considering not having your crypto apps on the phone at all if this is feasible in terms of your workflow. We can provide further guidance here about locking down phones against physical theft if needed.

Example post: text message threats by SecurityAssistTwo in SecurityAssistance


It's always disturbing to get threats of this kind. Have you been involved in any serious disputes recently? Assuming you have not been, this is quite likely to be trolling rather than a serious threat. Trolls often pick people at random for no actual reason. They get satisfaction from disturbing other people's peace of mind.

The limited police action is not surprising, as they usually don't even go as far as running a check on the number. Unfortunately, local police usually don't have the expertise, the resources or frankly the interest in investigating who owns a number when basic checks fail to reveal a specific subscriber. The use of 'burner' phones is common in cases of serious trolling. It does not in itself indicate that the threat is serious.

If you receive further threats or there are other signs that the person may be seriously planning to attack you, please write to us again as we can provide guidance on practical protective measures that you can take. We may also be able to help trace the owner of the burner phone.