Quote Originally Posted by Espon View Post
When you log into a fake website, it asks for your OTP. Once you hand over your info, the website then immediately logs into your account and removes the OTP and sticks a new one on to keep you out of your account. Yes, the OTP changes every minute, but they only need that minute if you accidentally hand that number out.
Yes I understand that, but to remove it they need the confirmation which is only sent to the email which we got. I don't understand how they can remove it if they don't get the confirmation code to remove.