I’m really worried someone’s hacked into my Gmail account, Dave. I got an email saying that there was unusual activity on my account and when I clicked the “Not me!” button, it just popped up an email. I don’t know how to let Google know I didn’t log in from Belgium. Help!
I’ve spent so many years on the Internet, and even its precursor the ARPANet, that I inherently approach every message with a dose of skepticism and even cynicism. Is this message really from Google? Would Google send you an email saying your email is compromised? What does it mean that when you click it pops up an email rather than having you verify your account information?
The email you received stating Account Activity is Unusual is, of course, a scam. First off, Google is very good at using correct English in its email messages – including the subject line – but I’m surprise it wasn’t in your spam folder. Gmail does a very good job of filtering out junk, scam, phishing attempts and other garbage as it shows up in your inbox. Be that as it may (perhaps you check your spam folder for false hits and saw it?) let’s disassemble a similar email message that I received about my own Gmail account.
Here’s the message itself:
If you are pulled in by the main message content, you might not notice the red flags waving about, telling you this is a bogus email message.
Slow down, take your time, and examine any email before you click on a link or button!
Let’s see what’s odd about the above email, step by step. First off, what kind of bizarre email address is being used by the sender? DnOppC@xr3qdvw.ulm.se? So, so clearly not a Gmail or Google address. In fact, ULM.SE is actually a domain in Sweden. You can safely assume Google’s not going to use a Swedish subsidiary to shoot you a warning message, not to mention the DnOppC address.
But there’s more that should concern you here. One thing: If they know my email address (d1taylor) why don’t they use my name and display my account icon as a simple verification? More importantly, again, the grammar and phrasing is just weird. “Yes me !” should be “Yes, that was me.” or similar, and any native speaker would know not to have a space before the exclamation mark. Then there’s the last line: “able to make impeccable changes to your cost”. Um, what?
Again, all of these things should reaffirm that this message is not legit and not valid. Don’t just be pulled in by the big, colorful buttons and click.
Heck, in Gmail if you just move your cursor over a link, the very bottom of the window will usually show you where you’ll go if you click and this is no different:
Why is this a “mailto”? And what are these crazy email addresses?
In fact, click on “Not me !” and you’ll get an email template, as you learned:
These are just the oddest possible email addresses, so hopefully by this point you’ve finally said “this can’t be legit”. I mean, .pw is the Pacific island domain for the island of Palau and .bid? Never even heard of that. None of these are @google or similar either (and of course any Gmail address can be anyone, so even operations@gmail.com or support@gmail.com would be suspicious).
The long and short of it: be more skeptical. Don’t believe email messages you get and if you’re unsure, put on your detective hat and search for clues that it’s not legit. 99.5% of spams and cons will have something that trips ’em up, even if it’s not until you click and get somewhere that you realize.
And be safe out there!
Pro Tip: I have tons of Gmail help here on the site too. Please take the time to check it all out.