Wednesday, March 24, 2010

Detecting suspicious account activity

(Cross-posted from the Gmail Blog)



A few weeks ago, I got an email presumably from a friend stuck in London asking for some money to help him out. It turned out that the email was sent by a scammer who had hijacked my friend's account. By reading his email, the scammer had figured out my friend's whereabouts and was emailing all of his contacts. Here at Google, we work hard to protect Gmail accounts against this kind of abuse. Today we're introducing a new feature to notify you when we detect suspicious login activity on your account.

You may remember that a while back we launched remote sign out and information about recent account activity to help you understand and manage your account usage. This information is still at the bottom of your inbox. Now, if it looks like something unusual is going on with your account, we’ll also alert you by posting a warning message saying, "Warning: We believe your account was last accessed from…" along with the geographic region that we can best associate with the access.


To determine when to display this message, our automated system matches the relevant IP address, logged per the Gmail privacy policy, to a broad geographical location. While we don't have the capability to determine the specific location from which an account is accessed, a login appearing to come from one country and occurring a few hours after a login from another country may trigger an alert.

By clicking on the "Details" link next to the message, you'll see the last account activity window that you're used to, along with the most recent access points.


If you think your account has been compromised, you can change your password from the same window. Or, if you know it was legitimate access (e.g. you were traveling, your husband/wife who accesses the account was also traveling, etc.), you can click "Dismiss" to remove the message.

Keep in mind that these notifications are meant to alert you of suspicious activity but are not a replacement for account security best practices. If you'd like more information on account security, read these tips on keeping your information secure or visit the Google Online Security Blog.

Finally, we know that security is also a top priority for businesses and schools, and we look forward to offering this feature to Google Apps customers once we have gathered and incorporated their feedback.

No comments:

Post a Comment