Jump to content

Is this a phishing email, or legit from Google?

Recommended Posts

Hello,

 

I just got an email, purportedly from Google.

 

-----

 

Subject line is:

Review blocked sign-in attempt

 

-----

 

Content is:

Hi,

Google just blocked someone from signing into your Google Account <my-email>@gtempaccount.com from an app that may put your account at risk.

Less secure app

Sunday, July 15, 2018 8:44 AM (Vietnam Time)

Phường 3, Gò Vấp, Ho Chi Minh City, Vietnam*Don't recognize this activity?

If you didn't recently receive an error while trying to access a Google service, like Gmail, from a non-Google application, someone may have your password.

 

-----

 

Next, there is a link to 'secure your account'. Which surprises me; it's good advice never to click on any links in these kind of emails (who knows where they're coming from). The link does go to https://accounts.google.com/AccountChooser?Email=... however, which seems a legit google URL? Which if it is legit, seems bad form to me, as Google are training people to click on links within potential phishing emails.

 

Also, would be shocked if someone got my email, it's 30 characters of randomness. It is stored in an offline password manager, and also stored in my Firefox account. I'm thinking that could be a weak link. Presumably someone would only need to know my Firefox account login credentials, and voila, they have all my stored passwords. Probably best not to keep anything important in there. I also just turned on 2FA for Firefox account, so I'm guessing that means I can sign in from any new device without completing 2FA?

Share this post


Link to post
Share on other sites

I would go to your account in your usual way and change your password.

Share this post


Link to post
Share on other sites
I would go to your account in your usual way and change your password.

 

Thanks. Yep, that was the first thing I did. :)

 

Also need to make sure I have 2FA switched on for the account.

Share this post


Link to post
Share on other sites

Forward it to Google, they will have a security link for you to report suspicious mails.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.