|
By Cara Garretson
Google has added a security feature to Gmail that notifies users when there is suspicious activity in their mail accounts.
This new warning, displayed in bright red, tells Gmail users when their accounts were accessed from a geographic place that doesn't match up with the region associated with their IP address, which Google's automated system logs and matches with a broad location. So if a user logs in to their Gmail account from a location in one country, and minutes later logs in from an IP address associated with another country, such activity would send up an alert, according to a post on the official Gmail blog.
An example of such fraud was offered by Google engineering director Pavni Diwanji, who wrote the post. Diwanji says that a few weeks ago he received an e-mail that looked as if it came from a friend who was stuck in London and in need of money. In fact, he writes, the e-mail was sent by someone who had hijacked his friend's account, read the friend's e-mail to determine the friend was in London at the time, and e-mailed all of his contacts to ask for money.
"Here at Google, we work hard to protect Gmail accounts against this kind of abuse. Today we're introducing a new feature to notify you when we detect suspicious login activity on your account," says Diwanji.
The new warning message reads "Warning: We believe your account was last accessed from..." and names the geographic region associated with that access. Users can choose to get more information or ignore the warning. Details offered include where else the account is being accessed from, including generic location (a country), IP address, and the time of access. This screen also tells the user "If the activity below doesn't look like your activity, change your password immediately" and includes a link to change the account password. If the user is sure the access is authorized, a dismiss button removes the screen.
Google says its privacy policy for Gmail states that Google servers will automatically record certain information regarding the use of Gmail, such as the IP address from which access is obtained. The blog post adds that Google can't determine a specific location from where the account is being accessed based on this information.
Google plans to add the same security feature to GoogleApps once it collects and adds user feedback, the company says.
In July 2008, Google added a remote sign-out option to Gmail so that users who access their e-mail from multiple computers could be sure they're protecting their accounts even when they're not in front of them. At the bottom of users' inbox is information about the time of last access, whether or not the account is still open from that access and what the IP address of that computer is. This feature was designed to help users ensure that activity on their accounts was authorized, and to be able to log out remotely to prevent unauthorized access.
Only registered users can write comments.
Please login or register. |
