What is the Google Critical Security Alert email?

Google has always prioritized user safety and has designed the Google Critical Security Alert to warn users whenever a threat actor or unauthorized person tries to access your Google account. This security feature also alerts you if there is a login to your account from a new or unrecognized device, allowing you to deny access if you don’t recognize the device. You receive a notification on your primary device (in which the particular Google account is logged in), where you have to click on either of the options – ‘Yes, it’s me’ or ‘No, secure account.’ You may also receive this notification via email.

You also receive this warning when you buy a new device and sign into it or browse using a proxy or a VPN server, as these change your IP address. So, every time you get the security notification, it won’t mean your account has been compromised. But of course, you have to be careful when it’s not you who has signed in.

Google Critical Security Alert can be a scam

Threat actors find their way into anything and everything, including Google’s security feature. They have devised techniques to exploit it and create phishing emails that replicate the ones that originally come from Google. The illegitimate email warns you of a new sign-in attempt, claiming that Google blocked the attempt and asks you to check your account activity.

But there’s a catch– the link in the email that is supposed to take you to the page where you can check your account activity will instead direct you to a hoax, replicated website, or download malware on your device.

How to know if the Google Security Alert email is real or fake?

Fortunately, it isn’t too hard to detect if the warning is fake. Here’s what you need to do every time you receive the alert email-

Notice the sender’s email address

Google sends security alerts from [email protected]. If the sender’s email address is not this, report the email and don’t click any links.

Check the email content

Google security emails are usually well-written and include your name or account details. If you get a generic, poorly written email that claims to be from Google, it’s likely a scam. Google will never ask for sensitive information, like login or bank account details, via email.

Hover over the link

Before clicking the link in the email, just hover your cursor over it and look at the link in the lower-left corner of your computer screen. Notice where the link will take you; if it doesn’t look like an official Gmail page, don’t click it.

Stopping Google Critical Security Alerts

You can stop Google Critical Security Alert emails for logins from different devices by following these steps:

Sign in to your Google Admin console and open the home page.
Go to “Settings,” then tap “Security rules,” and click “Suspicious login.”
Tap “Actions.”
In the “Send email notification” section, uncheck the “All super administrators” and “Send email notifications” boxes.
Click “Next: review.”
Tap “Update rule.”

However, you will still receive security alerts for logins from new, unrecognized devices.

How to secure your Gmail account upon receiving a fake alert?

Run a security check on the account

Don’t open or respond to emails from unknown sources. If you get a suspicious Google security alert email, ignore it and check your Google account security:

Open your Google account settings and tap “Review security tips.”
Check the list of devices logged into your account. Remove any unfamiliar devices.
Scroll down and click on “Review recent activity.” If you see any unfamiliar activity, select “See unfamiliar activity.”
Change your password to a stronger one if needed.
Visit the Google Help Center for more security tips.

Turn on two-factor authentication

Enabling two-factor authentication adds an extra layer of security over and above a standard password. You can choose one of the two-factor authentication options-

Google Prompt: A notification sent to your smartphone that you can approve to verify your identity.
Authenticator App: Use apps like Google Authenticator or Authy to generate verification codes.
SMS Codes: Receive a verification code via text message to your phone.
Backup Codes: A set of codes you can use when you can’t access your phone.
Security Key: A physical device, like a USB or NFC key, that you can use to verify your identity.
Voice Call: Receive a verification code via a voice call to your phone.

These options help ensure that only you can access your account, even if someone knows your password.

Enable MTA-STS

MTA-STS stands for Mail Transfer Agent-Strict Transport Security, a security feature that requires authentication checks and encryption for all emails sent to your domain. It prevents the occurrences of man-in-the-middle and DDoS attacks.

Set up recovery information

Add recovery information to your Gmail account. This can be your backup email or a phone number. So, even if someone compromises your account, you can still regain access to it using the recovery information. If your phone number or backup account changes, update the information in Gmail.

Deploy SPF, DKIM, and DMARC

SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) are authentication protocols that ensure only authorized people send emails on your behalf.

DKIM also helps verify whether an email’s content has been modified in transit. Illegitimate emails sent from your domain will be subjected to either getting marked as spam or bouncing back, preventing them from landing in the recipients’ inboxes in either case. Together, these three fortifiers strengthen your company’s email ecosystem, preventing phishing, spoofing, and impersonation.

We at DuoCircle can help you get started with these three protocols. Contact us to know more and better.

What is the Google Critical Security Alert email? - DuoCircle (2024)