Got a weird one for you, Dave: I received an email from Google confirming my address as a backup and recovery email address for an account I didn’t create! Is someone spamming me or has someone stolen my identity on Google?
I know just what you’re talking about because once every few months someone does that with me. I figure it’s a typo, but I’ll get an email from Google saying basically “congrats on setting up your new Gmail account. This is your recovery account. Well done!” even though I have no idea what they’re talking about. 🙂
The good news is that there’s nothing to worry about, your account security hasn’t been compromised, no-one’s pretending to be you on Gmail, and your identity is safe. Well, as safe as it ever is here on the Interwebs, at least.
You can also “disavow” your address as the recovery address for the unknown account, which is probably a good idea. Let’s go through all the steps, shall we?
To start out, here’s the Gmail notification I received:
I don’t actually know who “rayenragaven” is, but hey, they used my email address as their backup, so it’s fair game, right? Anyway, what’s happened is that they signed up with their address, it worked fine with Gmail, and then they set up my address – d1taylor – as their backup. Odd. A typo? Or did they think I’d help out in the case of an emergency [I won’t]?
Look closely at the bottom portion, however. “If you didn’t create this Gmail address and don’t recognize this email address, please visit…” followed by a pretty gnarly URL. Click on that link: time to disavow this connection.
Two options don’t make any changes or disconnect your email address from the new Gmail addr. Choose to disconnect, click the little button and choose “Submit” to proceed.
That’s it. Done. Nothing to stress about, really, and you haven’t messed up their account either: it’ll just show that they haven’t set up a recovery email address.
So where is that recovery information in case you ever lose access to your Google / Gmail account? That’s worth checking out while we’re here. In Gmail, go to Settings [off the gear icon on the top right] and navigate to the “Accounts and Import” tab:
Yes, for reasons I can’t explain, Gmail still has an interface that looks like it was designed in 1997. Maybe it was. Anyway, click on “Change password recovery options” and you’ll get here:
I have three set up, an email address called “recovery email“, a recovery phone, and a security question. I’ve obviously blanked out the latter two for my own privacy and account security, but the top one is accurate and I retain control of that email inbox too, so it’s good. Yours isn’t set or is set to an account you no longer have? Update it by clicking on it. Smart.
Higher up on the page is an option for a Security Audit. Click on it, the Google security check-up is well worth the extra few minutes to check and manage. Mine showed I have some work to do:
If you’re curious, it’s just about all related to all the test devices we receive here at AskDaveTaylor HQ: sign in to a new Android phone or tablet, a computer or even a TV for YouTube and it shows up on the list to be confirmed or blocked. Good stuff, well worth examining every so often.
Anyway, that’s the story with the bogus recovery email settings. Easy to disavow, worth doing so (it helps the email account holder know they need to set up the right address instead) and an easy way into checking your own account security and recovery settings too.
While you’re here, I invite you to check out our extensive Gmail help area too. We’ve written tons on how to work with and optimize your Gmail experience!
But we’ve all been trained to NOT click on links in emails that we aren’t certain of the source of. I also get emails saying that one of my email addresses (which is my (unusual!) name) is the recovery email for someone else’s account – someone I’ve never heard of, who obviously isn’t me, and in a language I don’t even speak. Yes, the email I got *appears* to be from google, but how do i know that? Way back, I read that one of the ways they can get you is by using characters that look identical to English letters but are coded differently (say, the English “o” and the Greek equivalent). So is the recovery email from “google” or from “g**gle”, but I just can’t see the difference? Once you click that link, there’s no going back. What there needs to be in gmail settings – among all the other stuff there – is a list of “recovery emails” – then I’d be able to uncheck this jerk from my account. End rant. :/
I’m having the same problems and I also signed up in the gmail beta phase with a dot. Who know there were so many people out there with my name. Any solutions yet?
A couple of months ago, I started getting multiple emails a day stating that some random has added me as their recovery email. Sometimes as many as 5-7 a week. I also am getting someone else’s online shopping confirmation emails, emails from their Doctor etc. The only difference in our emails is mine has a “.” between the first and last name. Supposedly, when I signed up for my email (during the beta gmail phase), no one else was supposed to be able to use the same handle as the “.” are technically not recognized. Any suggestions? I’m so fed up with gmail, i don’t know what to do about any of this.
Super annoying, for sure. Have you tried emailing the other Wendy, the one “without the dot”, to see if she has any ideas how to ensure that you get your email and she gets hers?
This doesn’t make sense to me because I believe that if you had created say mr.johnson@gmail then you also automatically own mrjohnson@gmail without the dot. That’s the way it is with mine and I signed up with beta. I receive several emails intended for (similar to) mrjohnson@gmail but my actual registered email was mr. with a dot. People seem to throw my email into forms online sometimes because it’s the first thing they think of. I hope that was a little help, anyway.