On Fri, Dec 24, 2021, 10:26 John Hasler <j...@sugarbit.com> wrote: > Philippe LeCavalier writes: > > If the device isn't compromised (which, you saying so doesn't in any > > way vet the device as safe and not compromised btw) then the desktop > > you got the number from is the next step to vet. > > How do you explain the Google Voice log entries? >
> Yes the legit number was called but randomly (so it appears) a imposter is > answering while other times the legit company answers. That's the > information we know for fact u less I'm mistaken. So if you asked me to draw a conclusion and forego all the investigative steps suggested which I do not recommend, I would say the two most probable causes are a compromised PBX at the financial institute or sim card cloning. Third on the list would be dns poisoning on the OPs gateway. All 3 scenarios would have the log entries look legit.
