Gmail now warns users of suspicious account activity
Google sounds new alert when accounts may have been hijacked
Computerworld - Google today added an alert to Gmail that warns users of the Web mail service when their account may have been hijacked.
Using several criteria -- including plotting the Internet protocol (IP) address of each successful log-on -- Google determines whether to sound the alarm, which pops up at the top of a user's account and reads "Warning: We believe your account was last accessed from..." along with the location associated with the log-on.
If an account is accessed from one country, then again a few hours later from a different country, Google would likely sound the alarm. The assumption: The multiple and geographically divergent log-ons would be a clue that the account had been hacked, and was now being used to send spam, spread scams or distribute malware.
"It's actually much more sophisticated than that," said Will Cathcart, a Gmail product manager. "If we determine that an IP down the block [from you] has logged into your account, and has recently logged into lots and lots of accounts, we'll display the warning."
Cathcart declined to reveal details of the other factors that Google takes into account when deciding whether to trigger an access alert, saying only that the IP locating criteria was "a data point that most users can easily understand."
The idea is to give users more information about activity on their Gmail accounts, Cathcart said. "This is an evolution of what we've done for some time," he said, referring to the account activity records that users have been able to view since mid-2008. "We've been doing a lot of compromised account detection work, and we wanted to give users information about why we think an account may be compromised. This way, we reach out to a lot more users, because we don't need to be 100% certain that an account [has been hijacked] before we block it. Now we can be just 99% sure, and give the users the information so they can take action."
Cathcart claimed that the problem of Gmail account hijacking affected only a "very very small number" of users. But for those whose accounts are hijacked, it's "a really painful problem, even if all the hijackers do is send spam."
He sidestepped a question about whether the new alert would have helped Chinese human rights activists whose accounts were compromised. Last January, Google cited activity directed against those accounts, as well as attacks on its corporate network, when it announced it would no longer censor the search results of its Chinese engine. "I wouldn't want to say which accounts would have been warned, but in general, when people have their accounts compromised, we would love to be able to warn them," Cathcart said.
Google will roll out the feature to Google Apps at some later point, the company added in a post to the Gmail blog today.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is firstname.lastname@example.org.
- Google updates the Maps Explore Nearby feature -- for some users
- Chrome gets sharp after dumping 30-year-old Windows technology
- Google moves closer to selling smart contacts
- Google goes mum on Glass release plans
- Samsung Gear Live vs. LG G Watch: A real-world evaluation
- Android Wear deep-dive review: A smart start to smartwatch software
- Google's Larry Page talks of killing the 40-hour work week
- Google terminates Quickoffice apps on Android, iOS
- Google I/O looks to be about more than Android
- Google eyes 3D vision tech for experimental tablet
Read more about Security in Computerworld's Security Topic Center.
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Surescripts Case Study- Securing Keys and Certificates Surescripts implemented Venafi's Trust Protection Platform™ to secure digital keys and certificates, ensure the privacy and confidentiality of electronic clinical information for its...
- Ponemon 2014 SSH Security Vulnerability Report According to research by the Ponemon Institute, 3 out of 4 enterprises have no security controls in place for SSH which leaves organizations...
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!