Curious, how does this Craigslist scam work on iOS?

Discussion in 'iOS 12' started by Julien, Oct 5, 2018.

  1. Julien macrumors G4

    Julien

    Joined:
    Jun 30, 2007
    Location:
    Atlanta
    #1
    Downsizing and selling my HT. Posted my speakers on Craigslist and got a response. Wanted to send me a verification code from Goggle Voice. Smelled phish so I Goggled (or Duck Duck Goed). The scam requires the person to have your Gmail account. This person had nothing and I don’t use Gmail (even told them). I never opened any of the text messages and deleted out of precaution. Now I can’t see why they contained. What would sending this code to the scammer accomplish, especially on my iPhone? Here are the pics of the conversation.


    Screen Shot 2018-10-05 at 12.35.55 PM.png



    Screen Shot 2018-10-05 at 12.37.08 PM.png
     
  2. GreyOS macrumors 68040

    GreyOS

    Joined:
    Apr 12, 2012
    #2
    I don’t know Google Voice but looks like he was trying to add your telephone number to it. To confirm the number belonged to him, Google would probably send a text to that number with a code for him to enter. You giving him that code could have allowed him to complete that step, though it looked like it failed to work somehow.

    Don’t share 2FA or verification codes with others again.
     
  3. Heat_Fan89 macrumors 6502

    Joined:
    Feb 23, 2016
    #3
    Definitely a scam. The only thing I can think of is that code you have to enter uploads your Gmail password? Typically a legit buyer won’t ask you to do that and will offer to meet in person.
     
  4. now i see it macrumors 68040

    Joined:
    Jan 2, 2002
    #4
    Some guidelines to follow when selling on Craigslist: Craigslist is teeming will scammers.

    Always use CL email relay for contact.
    Never post your exact address
    If someone contacts you via CL relay email and wants you to text them back, don't. It's more likely than not someone harvesting live phone numbers. Always use the CL relay email.

    If it's a real potential buyer, they will ask normal questions about your item for sale.

    Anything of value I've sold on CL, I've gotten at least one msg from someone trying to scam me by sending cashiers checks and having someone else pick it up later. That's always a scam.

    But in CL favor- I've sold two cars and lots of used stuff on CL to legitimate buyers. You've just got to be very wary and careful. Every CL buyer wants a discount off your asking price, so post an asking price that will take that into consideration. (Higher than what you're willing to accept).
     
  5. NoBoMac macrumors 68020

    NoBoMac

    Joined:
    Jul 1, 2014
    #5
    For Google Voice to work, you need at least one other phone number to setup service. So what appears to be happening is that the scammer is using OP phone number as their at least one number. Google Voice will then text or call the phone to verify that legit. Once scammer has setup their Google Voice number, they then can turn off all forwarding of calls to the OP number. Or remove completely and replace with some other number.

    Scammer scams, and down the road, abandons the GV number and moves onto another one.

    That the GV verification code info is in Vietnamese, and OP in Atlanta, would have ended any conversation for me.

    ADD: and this is why people are using burner phone number apps for CL and other boards where your number will be plastered about.
     
  6. C DM macrumors Sandy Bridge

    Joined:
    Oct 17, 2011
    #6
    Probably something along the lines of https://www.reddit.com/r/Scams/comments/65ze35/craigslist_google_voice_scam_i_fell_for_it/
     
  7. Julien thread starter macrumors G4

    Julien

    Joined:
    Jun 30, 2007
    Location:
    Atlanta
    #7
    I still don'y understand what the scammer could gain from me. I don't use or have google Voice/Gmail or Google Calendar. So how could using my phone number give any control of my AT&T iPhone or number to the scammer????
    --- Post Merged, Oct 5, 2018 ---
    OK posted at the same time. I guess this makes the most sense. So just to be sure the verification number was not shown in my screen shots and I needed to open the text to see it? So since he keep trying looks like it didn't work.
     
  8. tromboneaholic Suspended

    tromboneaholic

    Joined:
    Jun 9, 2004
    Location:
    Clearwater, FL
    #8
    They are basically stealing your identity in a way.

    Google is sending a code to you, that you are then forwarding to the scammer.


    Whatever the scammer does in the future to scam people, will be tied to you if you provide the actual code.
     
  9. Julien thread starter macrumors G4

    Julien

    Joined:
    Jun 30, 2007
    Location:
    Atlanta
    #9
    It sorta looks like the entire message is in the screenshoots and maybe the code too like 109591 in the first one. However he keep saying wrong code and sending again until he gave up. Do you have to open the text for the code to be accepted? Can Google tell if the text message was NOT opened (there is no read like iMessage) or was the code deeper down?
     
  10. tromboneaholic Suspended

    tromboneaholic

    Joined:
    Jun 9, 2004
    Location:
    Clearwater, FL
    #10
    I can't read the language, but there may have been more if you had opened the message.
     
  11. C DM macrumors Sandy Bridge

    Joined:
    Oct 17, 2011
    #11
    It's not that something would happen by opening the message or in the message itself, it's just about the code itself and simply the scammer knowing what it is (as in you letting the scammer know what the code was that was sent to you).
     
  12. Julien thread starter macrumors G4

    Julien

    Joined:
    Jun 30, 2007
    Location:
    Atlanta
    #12
    I found a screenshot that I did only Mac and it seems to have the translation. Asking about a link to install Google Calendar??? That seems odd since I don't use or have google Calendar. What could this mean.

    Screen Shot 2018-10-04 at 5.03.23 PM.png
     
  13. sean000 macrumors 68000

    sean000

    Joined:
    Jul 16, 2015
    Location:
    Bellingham, WA
    #13
    Yeah...I bet this was just a way to set up a new Google Voice number that would be tied to your mobile number. Then the bad actor would have a google voice number available to run scams out of that would be traced back to you and not to them.

    Unfortunately Craigslist is full of scam artists, but there are ways to use it safely: Never put your name or contact information in the post, and always use Craigslist's proxy email feature for communication (there are also other proxy communication services you can use). Agree to meet in a public place. Our police station even has a couple of parking spaces near the door designated for this type of transaction. I buy and sell stuff on Craigslist every now and then, but I have been frustrated by buyers that turned out to be scam artists. I've had better luck posting things on our local neighborhood "NextDoor" site, but usually I need to cast a wider net.

    Speaking of Google Voice... we have a Google Voice number we use for stuff like this. I don't like to give my actual cell phone number to anyone for the sake of a one-time transaction. I use our Google Voice number instead... I also put our Google Voice number on any kind of registration form that asks for a home phone number (like our grocery store rewards account).
     
  14. NoBoMac macrumors 68020

    NoBoMac

    Joined:
    Jul 1, 2014
    #14
    The Google Translate translation is "123456 is your Google Voice code".

    Not a good scammer, from appearances.

    Looks like a couple of things going on. Appears that scammer is trying to sign into Google Voice website and or app and Google is sending 2FA codes to OP number for that. And they forgot to send the two-digit code on their screen that OP would need to enter on their phone when Google robocalls them. Guessing OP is getting a random 800/866 number and ignoring.

    http://eesmyal.com/wp-content/uploads/2012/01/Verify-Google-Voice.png

    Re: the calendar message. Standard Google process of when getting onto one of their web services that has an app, they'll have a box asking if you want to use the app, and if so, they'll text you the link. Guessing scammer tapped at the wrong thing when flailing about.
     
  15. sean000 macrumors 68000

    sean000

    Joined:
    Jul 16, 2015
    Location:
    Bellingham, WA
    #15
    I guess the question here is, did you provide them with any of the verification codes that allowed them to actually complete the registration of a new Google Account or Google Voice number tied to your mobile number? If you think that might have happened, I would try to contact Google to see if someone can tell you what accounts are associated with your mobile number. Of course contacting Google is not easy. I'm not even sure how to go about it. They do have ways to report identity theft and fraud, but you usually need to be very specific about what happened.

    You might try putting your number into their Google Account Recovery page to see what accounts come up. There might be a separate one for Google Voice.
     
  16. NoBoMac macrumors 68020

    NoBoMac

    Joined:
    Jul 1, 2014
    #16
    Link within link "C DM" provided has instructions for reclaiming your phone number. Basically, create your own Voice account using some other number you have access to (not the scammed number) and then click the reclaim option for the scammed number.

    https://archive.fo/7isfZ
     
  17. Julien thread starter macrumors G4

    Julien

    Joined:
    Jun 30, 2007
    Location:
    Atlanta
    #17
    You see everything the scammer saw or knows. I did not open any of the texts or send any info other than the screenshoots just to prove I got it. I then deleted the unopened text messages.
     
  18. C DM macrumors Sandy Bridge

    Joined:
    Oct 17, 2011
    #18
    If any code was seen from what you sent and was able to be used then something could have potentially taken place (if the codes were correct and used correctly). Again, opening or not opening the texts doesn't really matter, it's simply seeing/knowing the code that they would have.
     
  19. Julien, Oct 5, 2018
    Last edited: Oct 5, 2018

    Julien thread starter macrumors G4

    Julien

    Joined:
    Jun 30, 2007
    Location:
    Atlanta
    #19
    Just checked and I have an Google voice phone number from MANY years ago. I thought it would have expired since I havn't used it. Looks like my phone is still linked to it. So shouldn't this mean it's not linked to any other Google voice number?

    Screen Shot 2018-10-05 at 4.20.59 PM.png


    EDIT: I just verified since I don't think that was ever done. Not sure how it works but it looks like by checking I will receive a text from the Google Voice number.

    So I should use this number for things like Craigslist? Is it more secure or what??? Have been weening off Goggle services and tracking for the last few years. Hate to start back down that road again.

    Screen Shot 2018-10-05 at 4.30.47 PM.png
     
  20. sean000 macrumors 68000

    sean000

    Joined:
    Jul 16, 2015
    Location:
    Bellingham, WA
    #20
    I mostly use my Google Voice number to register for services that require a phone number. I don't put any phone numbers in Craiglist ads or even while I'm negotiating with a potential buyer. I do that all through Craigslist proxy email (they call it 2-way email relay). That obscures your actual email address, but not necessarily your display name. I kind of go by gut feeling. If the buyer or seller sounds legit and offers their phone, I may contact them via phone or text using my Google Voice number. If I google them and they totally seem safe (one time I recognized the seller as a neighbor) I will just contact them from my iPhone.

    Since Google sent you a verification code that the scammer you were dealing with initiated, that tells me that they knew either your cell phone number or your Google Voice number, and they were trying to get you to give them the code to verify some transaction that was definitely sketchy. I could see this being pretty effective scam with some. A scammer gets someone's personal email or phone number from a Craigslist ad or transaction. Then they attempt to access that person's account using the account recovery option. A verification code goes to you, and they try to talk you into providing it to them. Some people who aren't familiar with scams or how multi-factor authentication or trusted email/phone verification works could easily fall for this. Fortunately you recognized it for what it was, but I would make sure everything is protected with multifactor. Many accounts (including Google) also let you audit activity.
     
  21. Julien thread starter macrumors G4

    Julien

    Joined:
    Jun 30, 2007
    Location:
    Atlanta
    #21
    Well I just smelled phish and always trust my instincts. Just for safety I deleted my phone number and then re added it. It sent me a code and I entered it. So if I understand correctly my iPhone number CAN'T be used by or attached to any other Google number.

    Also looked and there were no phone calls or messages sent to my Google number yesterday or today.
     
  22. TheLocNar macrumors member

    TheLocNar

    Joined:
    Nov 2, 2017
  23. Julien thread starter macrumors G4

    Julien

    Joined:
    Jun 30, 2007
    Location:
    Atlanta
    #23
    Here is another Craigslist scam I doesn't understand. First I got an email and sounded OK. As you can see the first 2 post sound normal and then the 3ed. Of course it smells but what is there to accomplish? Sending me a fake cashier check (which I wasn't going for) and not picking up???? How does that scam me?

    Screen Shot 2018-10-06 at 6.30.13 AM.png
     
  24. NoBoMac, Oct 6, 2018
    Last edited: Oct 6, 2018

    NoBoMac macrumors 68020

    NoBoMac

    Joined:
    Jul 1, 2014
    #24
    In this case, something along the lines of, "you know what, I've talked to the little lady, and we don't want the item anymore. Can you send the money back? Here's my PayPal account, PO box, etc.". Or "I've got a mover lined up, can you wire them the extra $50 as a deposit and I'll send you another check for that. Here is their PayPal account".

    Or, has cohorts in town. They pickup stuff, and a few days later, find out check bounced and lost money and items.

    ADD: this specific number, one of the first search hits is a post on a scam alert site stating it's a "send money to mover" scam.

    https://www.bbb.org/scamtracker/detail/fakecheckscam-10466-NY/261615

     
  25. macfacts macrumors 68040

    macfacts

    Joined:
    Oct 7, 2012
    Location:
    Cybertron

Share This Page

24 October 5, 2018