The Google Voice Verification Code Scam, Explained

Short answer: if a stranger asks you to read back a verification code they just sent you — to "prove you're real," "confirm you're not a bot," or finalize a sale — it's a scam. You're not verifying yourself. You're handing them the key to a phone number being set up in your name.

This shows up most on Facebook Marketplace, dating apps, and in "I'm interested in your listing" messages, but the move is always the same: a code, and a reason you should share it.

Quick rule: Never read back, type, or forward a code anyone asks you for. Real verification codes are for you to enter, never to give to another person.

In this guide

• What the scam actually does
• What the message looks like
• Why "just a code" is dangerous
• The red flags
• What to do instead
• If you already shared the code
• Still not sure?
• FAQ

What the scam actually does

The scammer wants a phone number they can use anonymously to run more scams — but they don't want it traced back to themselves. So they borrow your number.

Here's the mechanism:

1. They go to set up a Google Voice number (or another service) and enter your real phone number as the one to link it to.
2. The service texts a verification code to you, to confirm whoever owns that number approved it.
3. The scammer, posing as a cautious buyer or a new match, asks you to read that code back "to verify you."
4. You read it back. They enter it, and now there's a Google Voice number tied to your phone number — under their control.

You did the verification for them, on your own number.

What the message looks like

It's framed as a safety check, which is what makes it land:

There are so many scammers on here, so I use Google to verify
buyers. I'm sending a code to your number now — can you send me
the 6 digits back so I know you're a real person? Thanks!

Variations: "I'll send a verification text, just confirm the code," or a fake "Google" message warning that you must reply with the code to keep your account. The tell is always the same — someone other than you needs the code.

Why "just a code" is dangerous

It feels harmless. It's six digits, not your bank password. But:

• A number registered to you can be used against others. Scammers use it to contact new victims, so the trail leads to your number, not theirs.
• It can be used to break into your accounts. Many services send login and password-reset codes by text. If a scammer can route or trigger codes tied to your number, it weakens your own account security.
• It's a foothold, not the finish. Once they've shown the "verify with a code" trick works on you, they may push for more.

A verification code is a one-time key. Anyone who asks you to hand it over is asking for access to something.

The red flags

• A stranger sends or "is about to send" you a code and wants it back.
• The reason is to "prove you're real" or "not a bot."
• It happens during a Marketplace deal, a dating-app chat, or a job-offer conversation.
• The message claims to be from Google/Apple/your bank and tells you to reply with a code.
• Any urgency: "just quickly confirm the code so we can finish."

What to do instead

1. Never share the code. Not read aloud, not typed, not screenshotted.
2. Stop the conversation. A genuine buyer or match never needs a code from you.
3. Block and report the account on whatever platform you're using.
4. If the message claims to be from a real company, ignore the reply-with-code instruction — legitimate services never ask you to send a code to anyone.

If you already shared the code

Act quickly to take the number back and lock down your accounts.

1. Reclaim or disconnect the Google Voice number. Google has a process to reclaim a number linked to your phone without your consent — search Google's official Voice help for "reclaim a number" and follow it. Do this from Google's real site, not a link anyone sent you.
2. Turn on two-factor authentication for your important accounts (email, banking) using an authenticator app rather than SMS where possible.
3. Watch for password-reset texts you didn't request, and secure any account that uses your number for recovery.
4. Report it to the FTC at reportfraud.ftc.gov, and to the platform where it happened.

Still not sure?

If you got a "read me the code" message and you're second-guessing whether it's legit, that hesitation is worth listening to. Forward the message to FraudRoom at check@fraudroom.com and get a clear answer before you reply to anyone.

FAQ

Is reading back a verification code really that bad?

Yes. The code authorizes something — usually a Google Voice number being registered to your phone number, or access to one of your accounts. Sharing it hands that authorization to a stranger.

A "Google" message told me to reply with a code or lose my account. Real?

No. Google and other real services never ask you to text or read a verification code back to anyone. The code is only ever for you to enter yourself.

How do I reverse the Google Voice scam?

Use Google's official "reclaim a number" process from the real Google Voice help pages to disconnect the number from yours, then enable app-based two-factor authentication on your key accounts and report the incident to the FTC.

Why would a scammer want a number in my name?

So they can run scams on other people using a number that traces back to you, not them, and to gain a foothold for breaking into accounts that rely on SMS codes.

Key takeaways

• A verification code is for you to enter — never to give to another person.
• "Prove you're real by reading me this code" is the scam, most often on Marketplace and dating apps.
• Sharing it lets a scammer register a phone number in your name and weakens your account security.
• If you shared one, reclaim the number through Google's official process and lock down your accounts.

Related reading

• Facebook Marketplace scams: how to buy and sell safely
• Is this text message a scam? How to tell in 60 seconds
• What to do if you clicked a phishing link