General Question

whitecarnations's avatar

Hacked: Google sent me a warning that my account was used via mobile in the NY region what should I do?

Asked by whitecarnations (1635points) March 30th, 2012

Google sent me a warning photo of the situation

I changed my password but didn’t click the link provided in the warning. What else should I do?

Observing members: 0 Composing members: 0

18 Answers

ragingloli's avatar

Change your password.

Rarebear's avatar

Actually, it doesn’t look legit—it looks like pfishing to me. If you changed your password using the link provided, you may have just opened up yourself to hackers.

Do a virus and spyware scan of your computer—make sure you have the latest updates. Notify Google of the incident by forwarding it to them. Change your password again going directly through the google secure link https://www.gmail.com

Good luck.

JLeslie's avatar

Its good you did not click the link, and good you changed your password. Can you send google the information? Or, there might be a government agency to report it to.

RocketGuy's avatar

Type in https://mail.google.com and change your password again, if you are really worried.

flo's avatar

If it is pfishing, what gave it away?

RocketGuy's avatar

There was a LINK to change password IMMEDIATELY. Both of these are common in pfishing schemes. That’s why I suggested typing the link, but looks like Fluther automatically converted that to a clickable link.

anartist's avatar

you are being phished. send this link/screengrab to google.

If this came as a gmail, look at it in “show original” [drop down next to “reply”] and if the sender info stinks go back to the menu and click “Report phishing”

whitecarnations's avatar

It wasn’t an e-mail. It was it’s own window. I typed in the link on the image again right now to see. I clicked the “Learn More” and it does go to the Google Help center. I think it’s real? Anyone can offer up a similar observation?

http://support.google.com/mail/bin/answer.py?hl=en&answer=45938&ctx=gmail#0

this is the next link that looks legititimate next to “change password” And yes @JLeslie I didn’t click their links provided I went into the settings my own.

fearofsleep's avatar

It’s real. Google notifies you when it notices that you have logged in from a location that isn’t of the norm. For example, I live in San Diego, CA, and was notified by Google when there has been a log in attempt from Brazil. Using proxy servers may also trigger this notification to appear, due to the fact that log-in sessions will be attempted at a different location other than your own area. You can actually revisit the window in your screenshot by scrolling down to the bottom of your inbox, where it says “Last account activity: x hours ago” and clicking on “details” right under it.

In your screenshot, the log-in in question would be the New York location. If you weren’t in New York during that time and know that this log-in session was not you, then it would be smart to change your password, but like many have said before me, the safest way to do this is by visiting the gmail settings page and changing it there, making sure to avoid any unfamiliar links.

whitecarnations's avatar

@fearofsleep Thanks! Yes and I have manually went into my settings and changed PW from there.

flo's avatar

Why should it be debatable though? Shouldn’t there be a sure way of knowing that it is a fake? That is, if it were real, there wouldn’t be ”a LINK to change password IMMEDIATELY.” to quote @RocketGuy.

whitecarnations's avatar

@flo

Does Google say it would never have a link to change password immediately? Also, it goes directly into settings account when clicking the link, but again, that isn’t the way I changed my PW. :D

flo's avatar

I’m looking at @RocketGuy‘s answer which makes sense to me. He probably knows more than me.

RocketGuy's avatar

No, I’m more paranoid than most.

flo's avatar

@RocketGuy it doesn’t sound like it to me.
The idea is supposed to be for a credible site not to be mistaken for pfishing site, right?

flo's avatar

@whitecarnations I would take the answer that helps me to be more cautious, always.
@RocketGuy‘s answer makes perfect sense.

Google and others have your alternate email address for occasions like this. So, you can send them an email (with the screenshot attached) asking them if they sent it to you.

Response moderated (Spam)
Response moderated (Spam)

Answer this question

Login

or

Join

to answer.

This question is in the General Section. Responses must be helpful and on-topic.

Your answer will be saved while you login or join.

Have a question? Ask Fluther!

What do you know more about?
or
Knowledge Networking @ Fluther