It’s probably a phishing attack of some kind. If you are really concerned then close out your browser, reset your computer, go to your Google account directly and change your password…or call up their customer service and talk to them directly. Don’t click on any links in the email that say something like ‘click here to change password’. Don’t do anything with that email except delete it.
That seems legit, true, I’m always very careful about vendors sending me stuff…or seeming to. If you are concerned, then as I said, go into your Google account (don’t use any links, if any, in the email) and change your password to something non-mnemonic (I usually use a password generator using strong password characteristics).
Whether you think it’s legit or not, I’d still be concerned and probably change my password ASAP. Look into changing your code phrase or whatever they have you using for recovery as well, as sometimes hackers who gain access to your account will simply note that for future use.
Definitely. You can usually mouse over links and such and it’s generally pretty obvious that they are a scam just based on where they are taking you. They will put something that LOOKS like whatever they are pretending to be, but it’s often got extra characters or other tells. I never click on anything in an email, even if I really think it’s legit.
Regardless of whether it actually is from Google or not, the OP’s best bet is just to close the email and go to the vendor’s site independently and change his or her password manually.
I keep getting emails from Steam saying somebody in Russia is trying to log in to my account. They have never succeeded, but they have succeeded in getting correspondence from Steam to be sent to me in Russian (except for the email telling me somebody tried to log in, for some reason). I’ve changed my password twice, now.
I haven’t got a message like that recently, so I can’t confirm the text. And you need to be very careful about clicking on links in any message that suggests you ‘change your password’. But Google sends out messages like that all the time.
A ‘non Google app’ is pretty much any program that runs on your desktop. And modern computers may wake in the middle of the night to do something, and when awake may do anything else. And the time given by Google will either be London time (‘universal’ time), or the time at the location they /think/ is the correct location.
Google wants you to use Android and Google Apps for everything: they are in competition with Apple and Microsoft. They aren’t very subtle about saying so. You get a message when you do something different. Normally, with some thought, you can identify what you did that was non-Google, even if the time and location are wrong, and your computer did it for you.
I use IMAP to connect to a GMail account, and whenever I travel I get those security alert emails just for being on wi-fi I’ve never used before. So it’s possible your ISP gave you a new IP address in the middle of the night, and then Google saw a login from an unknown IP, flagging the account. It’s a very low bar that borders on fear mongering. The first time I got it while traveling I did go ahead and change my password, but then when I got home they sent me another email warning because I guess they flushed all the old IPs along with the password reset.
Two factor is less secure than regular old passwords. That’s right. Less secure.
There’s a lot of Security Theater out there. This is an example.
Anyway, I’ve suddenly been getting a lot of phishing scams lately supposedly from GMail, etc. So I’ve checked on a few. Most have obviously incorrect “From:” fields, etc. But one was clever. Right “From:”, the links seemed at first glance to be Amazon, but there’s a ton of odd stuff finishing off the URL that no doubt sends you elsewhere.
IMHO it is not phishing. It is real and important.
I got a similar message (on my phone) on the same day. Like K364 I saw that the actual sender was firstname.lastname@example.org, which seems legit. (FWIW my Google email is a secondary account which I use only for subscriptions such as The Straight Dope & AWAD.)
I went to my laptop, signed into Google, and went to My Account. It showed a sign-in attempt WITH MY PASSWORD from an unknown device. I traced the IP address, and it showed a location in Chicago’s Chinatown from a server in Brazil. (I live in the Chicago suburbs.)
That was scary enough for me. I changed my password and enabled 2-factor authentication. Furthermore, I confirmed that only my laptop & phone are authorized devices.
I strongly recommend that K364 (and anybody else in a similar situation) do the same.
It is exactly 2FA. The two factors are your password and the code generated by the authenticator. There are also fobs that display a number that changes every minute or so that provide the same function as the app.
Other possible options for components of 2FA are biometrics, i.e. retinal or fingerprint scans.
The previously mentioned fobs now frequently include a USB plug that can be plugged into a system so you don’t have to type in the code.
Common Access Cards (CAC) that have to be inserted into a reader when you log in.
This is by no means a comprehensive list, just some of the most common measures.