Looks like Swan was hit hard enough to send out a guide on how not to get scammed. The kid was probably for real. --- Hi Jay, We have seen an elevated incidence of a phone-based scam across the financial industry. Please be vigilant and protect yourself from losing funds, including from your Swan account. How does the scam work? Hackers will call you, or contact you online from unknown phone numbers or unknown accounts, claiming to be from Microsoft, Google, your bank, or a company you have a relationship with, like Swan. These fake “agents” will ask you to take certain actions such as reading them a code from your phone or computer. After they obtain this code, they will drain all of your online accounts. Swan representatives will never ask you to share codes or request access to your account. How do you protect yourself? - Never share any code from any device, for any reason, with anyone over the phone, the internet, or in person. Triple check that you’re on the right website before typing in any codes. - Don’t interact with any phone calls requiring you to respond to a robot (“press 1 to continue”). Don’t respond to any calls that tell you your account is at risk and you must take urgent action. Contact us, or book calls, through [official channels](https://link.swanbitcoin.com/ODc1LVhLUS02MzQAAAGTIW8bTj-zEZobK2kXVjFTfu4WTw-gu-ZAr_iuvpGZpCCgZHmue0QzQu3gYfo0vn728bdQZO4=) only. - Set up app-based 2FA on all your online accounts, especially your email and Swan account. [Here’s how to do it on Swan](https://link.swanbitcoin.com/ODc1LVhLUS02MzQAAAGTIW8bTxLsXuzVkHvWlDp_K78gIQ7kcbH69itNYujTLVDniRDAETmZxMB9TtQRwJVm70SLFCw=). - Consider disabling Google Authenticator Cloud Sync. Hackers are exploiting Google Authenticator because it has a feature called Cloud Sync, which is being exploited for this attack. If you use Google Authenticator, here is how to disable cloud sync: Open Google Authenticator ⇒ Tap Profile Photo ⇒ Hit “Use without an account” ⇒ Hit Continue - Carefully read about [common online scams](https://link.swanbitcoin.com/ODc1LVhLUS02MzQAAAGTIW8bTgjWp-Yx27PWFYzErXtmu6f5XGCSloLqcEeiSRAUVGqMlppWPjUwa34FWqHm7239KYA=). - Think twice before completing an identity verification such as a selfie request - Swan will only request a selfie in order to unlock your account. Hackers will often try to convince you to complete this flow and then attack the account once you complete it. - Visit a site like haveibeenpwned.com. If your email has appeared in a data breach, consider updating your email password and changing the email associated with your Swan account. If you'd like to change your Swan email, instructions are located [here](https://link.swanbitcoin.com/ODc1LVhLUS02MzQAAAGTIW8bTsDvTiqvQZvejrvpxaluAjEoA2F1Xay23igJHyFnDBvKisfe5ZZL4cgXP_7IpHf1gPQ=). How do hackers access my accounts? 1. Hackers typically first access your Google account because you’ve reused your password across online accounts, so they can easily guess it. Then they often bypass Google’s account protections by getting you to read them a code over the phone. 2. Once inside your Google account, they rely on people using Google Authenticator for 2FA. Google Authenticator has a dangerous “cloud sync” feature, where your 2FA codes become accessible as soon as they hack your Google account. 3. Once they have your 2FA codes, they can access most if not all of your online accounts including Bitcoin/cryptocurrency accounts, banking accounts, and other sensitive data. They will use this information to drain your funds, steal your personal data, and escalate their attack. This scam can also be performed on other common email accounts such as Yahoo, AOL, Comcast, and others. Google Authenticator is not the only way to perform the scam, but it is common. Stay vigilant and never give information over the phone to anyone claiming to be an agent or protecting you. Consider using a unique password for all your accounts and storing them in a service like 1Password. Pay close attention to emails received from your trusted financial institutions. Prior to clicking on any link, right-click and copy it and validate that it goes to swanbitcoin.com or swan.com, for example. Check that the email From field is from those domains. These are the only authorized Swan domains. If you would like more information, or have any further questions, please visit our [FAQ page](https://link.swanbitcoin.com/ODc1LVhLUS02MzQAAAGTIW8bTrDf1f6C3_bmgcIr25mZmyZuBCP6Rl-JQRSPXr3e3cq7147ieIs5XeXePrg5aQecGAQ=). Thank you, Swan Team nostr:nevent1qqs2spua5xm4ltqkzda7u3tkc98dh240nj38mugqey9f6ufa0evw2xgpz3mhxue69uhhyetvv9ujuerpd46hxtnfdupzpddjvx2m47shkmruhcqspv533mputctgee85qvmauah4quhu7p98qvzqqqqqqyfnuqxx