I am always skeptical of phone calls if it is an unknown number.

Heh, I never pick up a call from an unknown number and I tend to require scheduling a call unless there is something very important that happen suddenly. If someone is interested they could verify themselves by sending a text message from verified source about a missed phone call.

I have different phone number for a bank accounts, for work contacts and for any other thing and finally I don’t share a phone number with other people than family and people I have signed an agreement and I’m doing it so only if there is a need for it and not by default. I’m rather avoiding all jobs that require phone number and I’m especially avoiding everyone who thinks that can talk with me any time (like if I would work for them) without scheduling a call as they are so important, because they want to give me some offer.

All the time I was thinking such a 0 trust methods are absolutely basic for security reasons and all people in IT should know about. However the more I hear about people the less hope I have for humanity. We really don’t need anything need to make us hurt.

Also it’s important to mention that nobody should blame the victim - I wrote about it like for me it was always an obvious thing to do so. I believe that anyone should consider avoiding damage rather than learn how to control it. Such topics are important to remind that attackers are smart. We should not underestimate them. It can happen for everyone.

I recommend to talk with communication security expert. In said “5 min” and with 2 untouched phones on a table a good security expert may demonstrate a fake conversation with message deleting from phone. You can not only loose money, but also your family and that’s because of some messages and you had never seen. That’s really eye-opening. The internet and mobile technologies are based on army’s infrastructure and therefore are insecure by default as there a central point is always expected as a source of trust.

Wow, that’s awful. These people are always coming up with new ways to get around security. Just last week I noticed a new trick to bypass Gmail’s spam filter. They spoofed my address and sent an email to a fake account (my_username@google.com). Since the delivery failed, I got the bounce-back notification and ended up seeing the spam message inside it.