Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The general advice I give is:

Don't trust incoming calls, text messages or emails.

Don't trust caller ID on your phone.

If someone calls you asking for information or to do something, ask for a case id or reference number. Hang up, call back on a number you get from a previous bill, back of your credit card, or by googling the company.

If anyone is pushing for something to be done urgently, stop. Hang up, don't take any action. Call a trusted other person and talk to them about it.



> Don't trust incoming calls, text messages or emails.

> Don't trust caller ID on your phone.

And if you're anyone of moderate fame, importance or cryptocurrency holdings, call back using a phone other than the one you received the call from. SS7 attacks remain relatively cheap , and redirecting an outgoing phone call placed to a phone number they know you're likely to call next is within the realm of feasible attacks.


>by googling the company

And remember it's going to be the 4th or 5th link down, not the first.


This is one of many reasons why ad blocking isn't just cosmetic: it's a best practice for security too!


So much this.

I recently saved a friend from getting scammed when she wanted to buy an audiobook, we wanted to avoid Audible because of the DRM and limited device selection.

The first few results she got were some shady services offering really good deals. I looked them up on trustpilot and they weren't outright scams, but they aggressively pushed you into getting an expensive monthly subscription that was basically impossible to cancel.


Yeah the first will be the scammers with a highly targeted ad buy, and who can even tell the difference between ads and search results these days?


All of my search results are search results, because of ad blockers.

Now, many of my search results suck due to SEO and whatnot, but that’s a different story.


> If anyone is pushing for something to be done urgently, stop. Hang up, don't take any action. Call a trusted other person and talk to them about it.

This is honestly the #1 piece of advice to give friends and family.

Almost every scam is predicated on urgency.


I have an entirely seperate phone and SIM for any service I think is important which demands a phone number. (prepay, I top it up by €5 every few months. Sadly I can't automate that)

I generally refuse to give any number if I can help it. I can count on one hand the number of unsolicited calls/texts I've gotten.


I really wish phones would change the UI to make it more obvious that caller ID shouldn't be trusted.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: