EvilZone
Hacking and Security => Hacking and Security => : feeltheburn June 01, 2015, 11:06:18 PM
-
Does anyone care to explain to me, what is the point of these email notifications on gmail?
[ Image in attachments ]
I mean, if it's supposed to notify me that a possible intruder has accessed my account- why does it send the notification during the intruders session when he can just delete the email ?
-
it means you accessed your account/email from an unknown ip not in their records. it happens to me whe i sign in from an unsual device.
-
Ok, I understand, but what is the point of them notifying me about it?
-
Would you like to know if some random person got your password and was using your google acount? I sure would, and thats the point.
-
And this brings us back to my question in OP:
I mean, if it's supposed to notify me that a possible intruder has accessed my account- why does it send the notification during the intruders session when he can just delete the email ?
-
And this brings us back to my question in OP:
Because most people have their email signed in on their mobile devices or other conouters too, so when u check your emails on your phone you'll see the email. And know someone accessed your account.
I agree it is not the best way to notify the user but it's simple and effiecient as well as effective in most cases.
-
i think they should send a sms alert to registered number & a mail to alternative email or recovery email
because a attacker can easily delete the email
-
i think they should send a sms alert to registered number & a mail to alternative email or recovery email
because a attacker can easily delete the email
I would drop gmail as an email provider if they switched to something like facebook does. Just no.
-
Because most people have their email signed in on their mobile devices or other conouters too, so when u check your emails on your phone you'll see the email. And know someone accessed your account.
I agree it is not the best way to notify the user but it's simple and effiecient as well as effective in most cases.
I thought that this might be the case, but figured maybe there was something more to it :)
Maybe they should just wait for you to log in from you're usual address before sending the notification email?
Dunno, silly Google...
-
@Khofo: if the guy uses IMAP on his phone, then it doesn't matter - it gets synchronized. POP3 on the other hand is just download.
I haven't really thought of this before... it would make more sense if they sent that email to your recovery mail, not the same mail...
-
I think you can have an alternative mail, and like someone said you get the mail on your phone, at least the notification of it (and then you know somethings wrong).
And the "attacker" won't think about a login notification mail, at least not every attacker.
-
@Khofo: if the guy uses IMAP on his phone, then it doesn't matter - it gets synchronized. POP3 on the other hand is just download.
I haven't really thought of this before... it would make more sense if they sent that email to your recovery mail, not the same mail...
I think you can have an alternative mail, and like someone said you get the mail on your phone, at least the notification of it (and then you know somethings wrong).
And the "attacker" won't think about a login notification mail, at least not every attacker.
lol
this is first time someone here think what i said was right :P
m soo happy :P
-
Also the interesting part about it is that most accounts are used for other services which become instantly available.
-
You might have your Gmail already on another device, and when this pops and the log-in is originating from the North Pole, you know some shiz has gone down.
Also, it attacker wants to continue to dip into your emails and keep reading them, or keep sending spam from your account, or keep carding with your shop sites, they aren't gonna' change your password, cuz you'll contact the Googles and get your account back. Better for attacker to go slow and low.