Google Protects Gmail Users with Suspicious Activity Alert

Today's Best Tech Deals

Picked by PCWorld's Editors

Top Deals On Great Products

Picked by Techconnect's Editors

Intruder alert. Intruder alert. The new Gmail feature launched by Google won't have any cool audio alert blaring out "intruder alert", but it will alert users when suspicious activity indicates a potential compromise of the e-mail account. Google hopes to help users combat e-mail fraud and identity theft with the new feature.

Google is improving Gmail security with a new feature to identify suspicious activity.
Pavni Diwanji, Engineering Director for Gmail, described the following scenario in a post on the Official Gmail Blog. "A few weeks ago, I got an email presumably from a friend stuck in London asking for some money to help him out. It turned out that the email was sent by a scammer who had hijacked my friend's account."

Many small and medium businesses--as well as an increasing number of larger companies--rely on the Web-based Gmail as their primary messaging platform. A sharp rise in socially-engineered attacks and identity theft make Gmail account compromises a quickly growing concern.

Google has long had a security feature which displays the last login time for the account and whether or not the account is currently open in another location. That information should be sufficient for users to identify most compromises or suspicious activity, but apparently it is not overt enough and many users don't pay attention to it.

The new Google approach monitors certain criteria and considers a range of user behaviors to try to identify activity which should raise red flags. Diwanji explains "To determine when to display this message, our automated system matches the relevant IP address, logged per the Gmail privacy policy, to a broad geographical location. While we don't have the capability to determine the specific location from which an account is accessed, a login appearing to come from one country and occurring a few hours after a login from another country may trigger an alert."

Diwanji summed up by reminding users to "Keep in mind that these notifications are meant to alert you of suspicious activity but are not a replacement for account security best practices."

That is sage advice--particularly for IT administrators, and small and medium businesses that rely on Gmail. The new suspicious activity alert is a nice feature, but it is not a comprehensive defense and does not enable customers to let their guard down. It is no silver bullet.

Businesses should ensure that users are aware of the new Gmail feature so they are not caught off guard if they see it. A process should be established for escalating the notification to management, or responding to suspicious activity alerts.

By developing a plan for what to do with the information, businesses can capitalize on the feature to augment existing security controls and protect Gmail accounts from fraud and identity theft.

Tony Bradley is co-author of Unified Communications for Dummies. He tweets as @Tony_BradleyPCW. You can follow him on his Facebook page, or contact him by email at

Note: When you purchase something after clicking links in our articles, we may earn a small commission. Read our affiliate link policy for more details.
Shop Tech Products at Amazon