Gmail now warns users of suspicious account activity
Google sounds new alert when accounts may have been hijacked
Computerworld - Google today added an alert to Gmail that warns users of the Web mail service when their account may have been hijacked.
Using several criteria -- including plotting the Internet protocol (IP) address of each successful log-on -- Google determines whether to sound the alarm, which pops up at the top of a user's account and reads "Warning: We believe your account was last accessed from..." along with the location associated with the log-on.
If an account is accessed from one country, then again a few hours later from a different country, Google would likely sound the alarm. The assumption: The multiple and geographically divergent log-ons would be a clue that the account had been hacked, and was now being used to send spam, spread scams or distribute malware.
"It's actually much more sophisticated than that," said Will Cathcart, a Gmail product manager. "If we determine that an IP down the block [from you] has logged into your account, and has recently logged into lots and lots of accounts, we'll display the warning."
Cathcart declined to reveal details of the other factors that Google takes into account when deciding whether to trigger an access alert, saying only that the IP locating criteria was "a data point that most users can easily understand."
The idea is to give users more information about activity on their Gmail accounts, Cathcart said. "This is an evolution of what we've done for some time," he said, referring to the account activity records that users have been able to view since mid-2008. "We've been doing a lot of compromised account detection work, and we wanted to give users information about why we think an account may be compromised. This way, we reach out to a lot more users, because we don't need to be 100% certain that an account [has been hijacked] before we block it. Now we can be just 99% sure, and give the users the information so they can take action."
Cathcart claimed that the problem of Gmail account hijacking affected only a "very very small number" of users. But for those whose accounts are hijacked, it's "a really painful problem, even if all the hijackers do is send spam."
He sidestepped a question about whether the new alert would have helped Chinese human rights activists whose accounts were compromised. Last January, Google cited activity directed against those accounts, as well as attacks on its corporate network, when it announced it would no longer censor the search results of its Chinese engine. "I wouldn't want to say which accounts would have been warned, but in general, when people have their accounts compromised, we would love to be able to warn them," Cathcart said.
Google will roll out the feature to Google Apps at some later point, the company added in a post to the Gmail blog today.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is firstname.lastname@example.org.
- Google rolls out new +Post 'social' ads
- Google details its Project Ara modular smartphone
- Google pushes I/O registration deadline back to April 15
- Google looks to push Glass into the enterprise
- Google touts extra encryption for Gmail, remains mum on other apps
- Google patches $310K worth of Chrome, Chrome OS bugs
- Google slashes Drive prices by up to 80%
- Chrome users attack Google for zapping unsanctioned Windows add-ons
- Google postpones add-on 'kill switch' for Chrome on Windows
- Google yanks option to restore Chrome's old-style new tab page, riles users all over again
Read more about Security in Computerworld's Security Topic Center.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts