Gmail Starts Sending Suspicious Sign in Prevented Emails
By on May 8th, 2012

I have been using for a few years now and have come to love their spam filtering and security among other things. Gmail was probably one of the first free email provider to allow users to see where they logged in from and also provide an additional security layer with 2-step verification logins.

Some of the most interesting features in Gmail have been the ability to detect suspicious emails from your contacts, ability to alert you whenever any suspicious activity takes place in your account and the feature which alerts you whenever any filters have been setup to forward emails to another account.

However, there is a chance that most of the users do not access their accounts through the web interface and instead prefer using IMAP, notifying such types of accounts is harder. To overcome that problem Gmail has now started sending out emails to users saying that they have detected and prevented a suspicious login from an unknown location.

Gmail Suspicious Sign in Prevented Email

The email which arrived in my inbox earlier today can be seen in the image above. The message reads:

Keith,

Someone recently tried to use an application to sign in to your Google Account, [redacted]. We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt:

May 8, 2012 8:37am GMT
IP Address: 204.15.240.72
Location: Sunnyvale, California, United States

If you do not recognize this sign-in attempt, someone else might be trying to access your account. You should sign in to your account and reset your password immediately. Find out how at http://support.google.com/accounts?p=reset_pw

If this was you, and you want to give this application access to your account, complete the troubleshooting steps listed at http://support.google.com/mail?p=client_login

Sincerely,
The Google Accounts Team

This email approach from Gmail seems to be new and will allow users who don’t access the web interface to find out if their account is being compromised. It is not clear though whether the user was able to login successfully or not. Nevertheless, you should definitely change your password if you receive it.

If you need help generating strong passwords, you can check out 4 unique apps to generate strong passwords.

Also Read: How to find if your Gmail account is hacked and what to do

Update: For all those asking I had already confirmed that this is a legit email and a Gmail community manager has also confirmed this it is legitimate in a stack exchange thread:

I am the Gmail Community Manager, and I can confirm that we do send email notifications in certain cases such as described here.

Always carefully check the URL and never enter your Google password on a page that is not hosted at google.com. For example, it is OK to enter your password at https://accounts.google.com or https://mail.google.com, but not gooogle.com, g00gle.com, etc.

Update 2: Turns out that Google is now actively blocking login attempts from services like Plaxo and . A thread on Dropbox reports similar emails being sent out to users.

Tags: , ,
Author: Keith Dsouza Google Profile for Keith Dsouza
I am the editor-in-chief and owner of Techie Buzz. I love coding and have contributed to several open source projects in the past. You can know more about me and my projects by visiting my Personal Website. I am also a social networking enthusiast and can be found active on twitter, you can follow Keith on twitter @keithdsouza. You can click on my name to visit my Google+ profile.

Keith Dsouza has written and can be contacted at keith@techie-buzz.com.
  • TallT

    Google specifically states it will not provide IP addresses of suspected attacks. Is this VERIFIED? Or did you get phished?

    • http://keithdsouza.com Keith Dsouza

      TallT – Google does provide IP addresses in account activity and I verified that the email did come from Google servers. Also there is another thread on serverfault which discusses this as well http://goo.gl/BiQ3F

      • TallT

        Thank you Kieth,
        My concern was that even in the stack, ” it is OK to enter your password at https://accounts.google.com or https://mail.google.com” , yet in the email, the link is to “http://support.google.com…” which is not a secure site.
        Thanks again, TallT

  • Patti Hall

    I just received this same email message, but the email address they listed was actually wrong. It was missing a dot. So I am worried it is not actually google sending it. Have you found out anymore about this?

    • http://keithdsouza.com Keith Dsouza

      @Patti – Even my email had the missing dot. However, even Plaxo confirmed that this was legitimate.

    • http://www.flatmaterooms.co.uk Gareth

      If you email your self without the dot you’ll still receive it so don’t worry about that

      • Patti Hall

        Thanks for the info. I manually went in and changed my password. Hopefully that cures the problem.

  • Steve

    I just received one of these to a non-google email account.

    So I presume it is some sort of phishing activity and plan to ignore it.

    Any comments?

  • MichaelFarese

    I got this… but the attempt it is blocking is legitimate. I’m trying to use a plugin for Outlook to send and receive SMS messages through Google Voice. This plugin needs to login to my Google account, and that is, I assume, the attempt Google blocked. How can I get past this??

  • Julie

    New to Gmail, so was unsure that the email I got was legit. Thankfully, this thread answered my question.

  • Laurel Raven

    I just got this on all three of my email accounts when traveling today, just from my phone trying to update from a different location than usual…so, now i have to unlock each of them, and I’ve been without email for the day because of it. Ultimately, that isn’t that big of a deal, but since it is logging in through my Android phone and the same client I’ve been using since i got this phone, i think it’s ridiculous that it doesn’t just recognize that rather than making me go through this hassle needlessly.

  • http://www.facebook.com/KusanagiShiro Tom Gifford

    Virus.

  • Kevin

    I set up a completely legit account for myself and a person in another country, but google is blocking his login attempt. How can I get them to cease and desist and let the guy log in???

 
Copyright 2006-2012 Techie Buzz. All Rights Reserved. Our content may not be reproduced on other websites. Content Delivery by MaxCDN