Client Login
 Quick Contact
Gmail to alert users to suspicious account activity
Category : General 29 Mar 2010 02:55 AM | Industry News
Gmail already displays information at the bottom of the in-box showing the time of the last activity on the account and whether it's still open in another location. But people often don't think to check that information, Will Cathcart, a Gmail product manager, said in an interview on Wednesday.
So Google is taking the extra step of displaying a warning to users in the form of a big banner that says 'warning your acct was accessed from...' and which specifies a geographic region where the account was accessed when unusual activity was detected.
'For example, if you always log in from the same country and all of a sudden there is a log in from halfway around the world' that is suspicious, Cathcart said. Or, if the system detects that one particular IP address is accessing numerous accounts and changing passwords for them, that would trigger warnings for affected accounts, he said.
Many small and medium businesses, as well as an increasing number of larger companies, rely on the web-based Gmail as their primary messaging platform. A sharp rise in socially engineered attacks and identity theft make Gmail account compromises a quickly growing concern.
The message also provides detailed information so you can see the latest account activity with information about the most recent access points. If the access was legitimate, you can click "Dismiss" to remove the message.
Recognizing security is also a high priority for businesses and schools, Google plans to offer this feature for Google Apps in the future after it has gathered and incorporated feedback.
Google has been pushing users to change their passwords if it believes that their account has been compromised. But sometimes the company is not 100 percent sure something malicious is afoot, said Will Cathcart, a product manager at Google. "Detecting this is a really hard problem," he said.
The move responds to persistent efforts by cybercriminals to steal and use password and login details for e-mail accounts, which contain valuable personal information for identity theft, allow attackers to impersonate a user and try to scam their contacts, and can allow crooks to invade financial accounts using password reset features tied to e-mail. Attackers typically gain login information in phishing scams, in which people are tricked into typing the information into bogus Web pages, or by planting malware on PCs that captures keystrokes.
The new alert system follows Google’s January move to increase Gmail security by using Hypertext Transfer Protocol Secure, or HTTPS, technology to encrypt all of the traffic it carries. This technology protects users from snoops who might try to capture their information as it moves across a network. It is especially useful for people using public Wi-Fi networks