Cybersecurity

Mark Cuban’s Gmail was hacked by a threat actor posing as Google—here’s how to prevent it from happening to you

Entrepreneur and investor Mark Cuban said his Gmail account was hacked after a threat actor posing as a Google employee called him.
article cover

Michael Reaves/Getty Images

3 min read

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

For that reason, I’m out. Entrepreneur and investor Mark Cuban—whose net worth is $5.4 billion—said his Gmail account was hacked by someone pretending to be a Google employee, MSN reported.

Cuban posted on X over the weekend, explaining that the threat actor named “Noah” called and told him that an intruder had tried to gain access. That’s when the hacker walked him through what he thought was Google’s account recovery process.

Dialing in. The phone number that “Noah” spoofed—650-203-0000—is, in fact, a working number for Google Assistant, and Rachel Tobac, CEO of SocialProof Security in San Francisco, posted on X that changing caller ID “takes less than a minute and can be done using apps available on the App Store.”

“The scam is simple,” she wrote: Threat actors use data breaches or data brokerage sites to find a victim’s number. Next, they’ll use a spoofing app to choose which number to display on caller ID; call the victim while posing as customer support; and tell the victim that, due to an incident, they must “follow the steps” for account recovery. From there, the victim could pass along sensitive info to the attacker, such as a password, multi-factor authentication code, or “account recovery details.”

We got in touch with Tobac to find out more. She told IT Brew that “we’re definitely seeing an increase in phone-based attacks.” And that’s because “technical tools have improved to catch more email-based attacks—so cyber criminals turn to phone calls and texts more to reach their victims,” she said.

Can we fix it? “The only real people who can make a big change when it comes to spoofing are the telcos,” she said. “So we’re talking all the major providers. Actually, every provider, every carrier has to work together to implement the caller verification the same way.”

Stir/Shaken is one potential solution from the Internet Engineering Task Force (IETF). The “proposed standard…defines a signature to verify the calling number, and specifies how it will be transported in SIP ‘on the wire,’” according to telecom company Ribbon Communications.

For users looking to protect themselves from these kinds of caller ID scams, Tobac recommends hanging up and calling the organization directly, noting that these kinds of scams can happen to anyone.

“It’s really important that people realize in the United States that they cannot trust their caller ID,” she told us. “If they get a text [or] a phone call, and it says it’s from Google or Apple, or Microsoft or Geek Squad, or Norton or their bank, it’s really important that they don’t just take that at face value, but rather use a second method of communication to confirm and see if it’s legit.”

Mark Cuban did not immediately respond to IT Brew’s request for an interview. We hope he knew it was really us.

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.