Question Calls are being made from my phone and events with malware links added to google calendar

Sean87NC

Commendable
Jun 12, 2017
28
2
1,545
1
Good morning!

So, I think I am either going crazy or something is wrong with my phone such as hacked or malware. Here is what is happening.
Yesterday, I got a pop up on my phone notifying me of a calendar event. The calendar entry said "It is time to make a change" and had a Tiny URL link. I was able to trace this link which redirected to a site(I forgot to write down the site info). I didn't click the link, or go to the page. I just hovered to see where it would go and it seemed like one of those malware sites. The name profit or profit starters was in the domain.
Anyways, this event was added to my google calendar and it was added everyday forever. I removed it of course.

My second problem. I keep getting calls from people that claim that my number dialed their number. One guy was actually pissed because he said "I didn't leave a voicemail". Well, I can t tell you that I am not making the calls and if I look at my phone log on my Galaxy S5(yes I know it is old), I don't see anything showing being dialed out. Is it possible someone can hijack a phone and make calls with it? Or maybe it is just dumb luck that so far, 18 people have called me asking why I called them?

All of the above has just recently started taking place. I would say within the last 30-45 days.
I have a basic malware program on my phone and it didn't find anything. I didn't think it would anyway.

What can I do? How would someone be able to add a Google Calendar entry into my calendar for everyday of the foreseeable future?
i already checked and Google Calendar is not set to "Allow Public to View".

I already changed my Google password FYI in case someone had got in. I know my password is a known password as I went to that site where you type in your password to see if it is known(forget url) and it showed up. A funny point, how do we know that the person who made that site isn't just making the largest database of passwords so brute force methods will be reduced? You have thousands and hundreds of thousands of people typing in their passwords into that site....Another topic.

I have a few games from Google Play Store on my phone but don't think it is them. Besides these 4 games, there are no other applications besides work related apps like 3CX, MAAS360, Outlook etc.

Any help or advice is appreciated.

Regards,
Sean
 

britechguy

Commendable
Jul 2, 2019
1,480
239
1,340
162
Well, you've already narrowed the time frame. Have you installed any new apps during that time frame? That's the first thing I'd be looking at. If anything has updated itself in that period I'd be looking at that, too.

With regard to your "making calls" you could also be someone whose phone number is being used in a spoofing scam. It is now possible to spoof phone numbers much like e-mail addresses.
 

Sean87NC

Commendable
Jun 12, 2017
28
2
1,545
1
No, nothing new was added to the phone recently. I also cleaned up some space on the phone, removed some old apps. I had heard about phone spoofing but don't know much about it. Someone is literally calling people using my number. Like I said, I have had an guy call me super upset, cursing wondering why I didn't leave him a voicemail. I told him I never called him and he said I was a liar and how did I think he got my number. I mean. It is freaking me out!
 

britechguy

Commendable
Jul 2, 2019
1,480
239
1,340
162
Well, if you didn't call him then you know you didn't call him. It's highly unlikely that your phone is calling him, either, though it could be if folks are all complaining about hang-up calls. It's still far more likely to be someone trying to cull active phone numbers using your phone number as the fake caller-id number.

You are wise to try to determine if your phone is compromised, and I hope others have more ideas for doing so.

In the final analysis, it is not likely that "the damage" with regard to the use of your phone number can or will be undone. If someone is spoofing it they'll keep using it so long as it's convenient. If your phone has been compromised it's not likely to be easy to "exorcise" it.

My gut tells me it's more likely spoofing than your phone being hacked, but you have no absolute way of knowing that and the Google Calendar bit is peculiar, to say the least. That being said, Google has become incredibly anal about notifying users if they've logged in from an unusual location or using an unknown device. I get these sorts of notifications all the time if I'm traveling and using WiFi at locations that are nowhere near to my typical home location. If you haven't received anything like this the probability of someone actually having access to your account and logging in to same is small.

See the results from: https://duckduckgo.com/?q=how+to+determine+if+your+phone+number+is+being+spoofed

It seems the consensus is that if you determine your phone number is being used in a spoofing operation that changing it is the best option.
 

britechguy

Commendable
Jul 2, 2019
1,480
239
1,340
162
By the way, check to see if you happen to have the feature on where Google will try to automatically create events in the calendar based upon the content of your e-mail messages. I know it exists, but I can't recall what they call it.

If it is on, it would be entirely possible for a spam message (not recognized as spam, though) to accidentally trigger the process. I'd definitely poke around my inbox to see if there's anything that seems to connect it to the calendar event you saw.
 

Sean87NC

Commendable
Jun 12, 2017
28
2
1,545
1
By the way, check to see if you happen to have the feature on where Google will try to automatically create events in the calendar based upon the content of your e-mail messages. I know it exists, but I can't recall what they call it.

If it is on, it would be entirely possible for a spam message (not recognized as spam, though) to accidentally trigger the process. I'd definitely poke around my inbox to see if there's anything that seems to connect it to the calendar event you saw.
What you said sounds like it is most likely the case. Someone is spoofing my number to call people. I will check the Calendar settings. Prior to posting I did check account login activity and there wasn't anything suspicious. Only my logins. I changed my password anyway. I don't know, it just seemed very concerning that I got a calendar entry with that strange statement and a tiny url link and it was made as a everyday reoccurring event.

Also, to the next poster. I do not have blue tooth turned on. I only turn it on when I am in my car driving to and from work.
 
Thread starter Similar threads Forum Replies Date
H0PEFU11Y Antivirus / Security / Privacy 2

ASK THE COMMUNITY

TRENDING THREADS