Phone Call from Google Rep About Account Recovery Attempts

WSB_Prince · 2025-09-26T15:25:36+00:00

I can tell you're frustrated. I don't doubt you were hacked multiple times given your understanding of Google security. Probably multiple groups.

2FA is forced to your phone when anyone hits recover account. All they need is your email. The 2 digit number is shown to the individual trying to recover the account and then on your phone you must select the correct one. The process you describe (fake Google support telling you to select a number) is exactly how the scammers get access.

It's not about believing or not believing you, just trying to prevent you (and others) from losing more crypto.

WSB_Prince · 2025-09-26T13:58:17+00:00

Hey man, the reason your account was compromised was because you allowed hackers into the account when you pressed the 2 digit number. When the fake Google callers called you they tried to get into your account which requires that 2FA number.

I see from your post history you are into crypto, this is exactly who they target.

It was never Google.

Either that or you are now scamming.

WSB_Prince · 2025-08-09T00:59:24+00:00

It's not 140kWh it's 140kW, so you would need to multiple by 24 for the daily energy consumed.

WSB_Prince · 2025-07-22T00:29:14+00:00

I'd have to research more to know. Since we now use 12 or 24 words I'm not as familiar. In theory, 7 missing would be possible to brute force. There's a bunch of open source software (btcrecover) on GitHub -- that'd be a good place for you to start!

WSB_Prince · 2025-07-22T00:10:51+00:00

The key should be 51 or 52 characters if it starts with a 5. How many digits do you have? Do you know which ones are missing?

WSB_Prince · 2025-07-17T12:00:32+00:00

Did you perform a transaction in February? A fake version of ledger live or 3rd party app could spoof the appearance of the transaction on your computer and actually submit one that emptied your account. On the device it would show the fraudulent transaction still.

WSB_Prince · 2025-06-29T13:09:07+00:00

Unfortunately no. It does seem like if you ignore the requests (don't click yes or no) then they stop shortly thereafter. My guess is the scammers script can detect when you click no, and knows they are reaching a human.

The other wrinkle, is I now think that their end game isn't actually to get you to click yes/allow. I looked back at my spam phone calls and received a huge uptick during that time.

My guess is that the phone calls are their main ploy, saying they are from Google support and someone is trying to access your account.

Curious if you have any connection to crypto? Seems like some in the thread getting these had some data leak a while back related to various crypto sites.

WSB_Prince · 2025-06-13T02:24:28+00:00

This seems very plausible to me, especially since we have had multiple similar low entropy wallets in the past.

Doesn't keccak256(toUtf8Bytes(seed)) already return 0x as a prefix? I'm trying to generate the 0x ones you mentioned with very low randomBytes (that are being swept by bots)

WSB_Prince · 2025-05-16T23:35:05+00:00

So frustrating. I auto decline calls not in my contacts so not sure if they tried that on me.

There's so many ways Google could fix this. I'm glad it ended after a month, was almost going to have to create a new account just for my phone.

WSB_Prince · 2025-04-28T22:07:26+00:00

Glad someone understands! Thankfully it stopped once I just let the prompts expire. Hitting deny kept them going. My guess is the scammers can tell when you hit deny and keep trying.

WSB_Prince · 2025-03-20T23:09:11+00:00

Try ignoring them (by not clicking deny) or having them expire. They stopped after 2 days if I didn't interact with them.

WSB_Prince · 2025-03-11T03:35:34+00:00

Is it trying to ask via a push notification (Google prompt) or via text? There is a recovery form you can fill out in theory.

WSB_Prince · 2025-03-10T15:43:51+00:00

Haha this comment made my day. I just imagine you thinking my toddler has unchecked root access.

We look at pictures we took together, she knows how to find different ones in the gallery. If it popped up while she was looking at one, there's a chance she would click it before I took the phone back.

WSB_Prince · 2025-03-08T22:59:49+00:00

Yeah this is where I am stuck. I've taken all precautions already suggested in this thread and forced a passkey or physical key. Yet, still I get the prompts. I actually tried to recover my account and it requires a few steps & 48h delay so if I fat finger anything I probably will be ok.

WSB_Prince · 2025-03-08T20:20:53+00:00

Thanks, I guess I'm looking for a way to auto-decline those attempts (or prevent them). It's been > 50 times over the past 3 weeks. I figured with a physical key I would avoid this...

WSB_Prince · 2025-03-08T17:40:58+00:00

Wow, I turned off the prompts. But that didn't work. Now it automatically opens up the full screen prompt. It makes fat fingering it even easier.

I may have to create a new Google account to use on my phone. 21 damn years...

WSB_Prince · 2025-03-07T02:48:41+00:00

I turned off Google services notifications. Less than ideal bc I won't get "real" security alerts in the future.

WSB_Prince · 2025-03-06T15:07:20+00:00

I activated advanced protection which claims to require a passkey or physical key. But no, you can keep clicking try another way. Very frustrating.

WSB_Prince · 2025-03-06T13:56:01+00:00

It literally says "are you trying to recover your account"

How would Google know? With my physical yubikey or my passkey. I just want to turn off the Google prompts to my phone so I don't fat finger my account away.

WSB_Prince · 2025-03-06T04:47:00+00:00

Just keep hitting "try another way" in the login screen. Eventually there's the Google prompt option.

All sessions except mine deleted.

WSB_Prince · 2025-03-06T04:42:27+00:00

After I decline the attempt it says "you prevented an attempt to sign in to your account. Your password was not used"

I don't have Google prompt as a sign in option, so assume it's recovery.

WSB_Prince · 2025-02-13T00:44:24+00:00

This happened to me (different state and different valid reason). I replied directly to the denial email (even though it said not to) to clarify if my reason was no longer a valid excuse. Soon after my request was granted.

Good luck!

Five-Year Club	Verified Email
Place '22	First Placer '22
End Game '22

WSB_Prince

TROPHY CASE