Gmail Starts Sending Suspicious Sign in Prevented Emails

I have been using for a few years now and have come to love their spam filtering and security among other things. Gmail was probably one of the first free email provider to allow users to see where they logged in from and also provide an additional security layer with 2-step verification logins.

Some of the most interesting features in Gmail have been the ability to detect suspicious emails from your contacts, ability to alert you whenever any suspicious activity takes place in your account and the feature which alerts you whenever any filters have been setup to forward emails to another account.

However, there is a chance that most of the users do not access their accounts through the web interface and instead prefer using IMAP, notifying such types of accounts is harder. To overcome that problem Gmail has now started sending out emails to users saying that they have detected and prevented a suspicious login from an unknown location.

Gmail Suspicious Sign in Prevented Email

The email which arrived in my inbox earlier today can be seen in the image above. The message reads:

Keith,

Someone recently tried to use an application to sign in to your Google Account, [redacted]. We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt:

May 8, 2012 8:37am GMT
IP Address: 204.15.240.72
Location: Sunnyvale, California, United States

If you do not recognize this sign-in attempt, someone else might be trying to access your account. You should sign in to your account and reset your password immediately. Find out how at http://support.google.com/accounts?p=reset_pw

If this was you, and you want to give this application access to your account, complete the troubleshooting steps listed at http://support.google.com/mail?p=client_login

Sincerely,
The Google Accounts Team

This email approach from Gmail seems to be new and will allow users who don’t access the web interface to find out if their account is being compromised. It is not clear though whether the user was able to login successfully or not. Nevertheless, you should definitely change your password if you receive it.

If you need help generating strong passwords, you can check out 4 unique apps to generate strong passwords.

Also Read: How to find if your Gmail account is hacked and what to do

Update: For all those asking I had already confirmed that this is a legit email and a Gmail community manager has also confirmed this it is legitimate in a stack exchange thread:

I am the Gmail Community Manager, and I can confirm that we do send email notifications in certain cases such as described here.

Always carefully check the URL and never enter your Google password on a page that is not hosted at google.com. For example, it is OK to enter your password at https://accounts.google.com or https://mail.google.com, but not gooogle.com, g00gle.com, etc.

Update 2: Turns out that Google is now actively blocking login attempts from services like Plaxo and . A thread on Dropbox reports similar emails being sent out to users.

13 thoughts on “Gmail Starts Sending Suspicious Sign in Prevented Emails”

  1. Google specifically states it will not provide IP addresses of suspected attacks. Is this VERIFIED? Or did you get phished?

  2. I just received this same email message, but the email address they listed was actually wrong. It was missing a dot. So I am worried it is not actually google sending it. Have you found out anymore about this?

  3. I just received one of these to a non-google email account.

    So I presume it is some sort of phishing activity and plan to ignore it.

    Any comments?

  4. I got this… but the attempt it is blocking is legitimate. I’m trying to use a plugin for Outlook to send and receive SMS messages through Google Voice. This plugin needs to login to my Google account, and that is, I assume, the attempt Google blocked. How can I get past this??

  5. I just got this on all three of my email accounts when traveling today, just from my phone trying to update from a different location than usual…so, now i have to unlock each of them, and I’ve been without email for the day because of it. Ultimately, that isn’t that big of a deal, but since it is logging in through my Android phone and the same client I’ve been using since i got this phone, i think it’s ridiculous that it doesn’t just recognize that rather than making me go through this hassle needlessly.

  6. I set up a completely legit account for myself and a person in another country, but google is blocking his login attempt. How can I get them to cease and desist and let the guy log in???

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>