We all know that setting up Google’s 2 step authentication is added level of security for our user credentials for all google services. But having this set-up doesn’t mean that you are bulletproof now. Still you could be tricked such a way that you will scarifies your credentials. So please read and understand this. This could be applicable not just for google accounts but for all your secure logins including your banking accounts.
Just think about this scenario.
- A hacker finds out your user name (gmail account), which is very easy as its your gmail address.
- He finds out your associated mobile number. Which is also very easy as all your known people have your mobile number as well as email address.
- He will go to login screen of gmail account and tries your email account and opts for password reset. He chooses option of sending the SMS to your number with OTP.
- Now he sends you a SMS such as this one.
- Google legitimately sends you a OTP SMS to your mobile number.
- You will copy that OTP and send it back to him.
- Done! You are hacked!
Moral of the story: Never give your OTP to anyone, including any phone calls you are getting, even if they say that they are from bank.
Please share this info with your loved ones too.