If you have received a mail from Google stating that a ‘sign-in attempt prevented’ or ‘Suspicious sign-in prevented’ then someone might have attempted to sign-in using your ID or probably you might have tried signing to a 3rd party client or app like outlook which Google blocked due to clients low-security standards. The mail may also come when trying to connect your Gmail servers using SMTP authentication.
Here are some solutions, discussions, fixes, and analysis based on different conditions under which you may have got mail:
A Fake Mail Sent in the Name of Google
An email is being circulated which looks very convincing and official, like a notice from Google stating “Sign-in attempt prevented”. This has turned out to be a bogus mail, spotted by security researchers as a phishing attempt to get your account info. An example of such a fake mail is shown below:
The mail is equipped with a Google logo and contains your email ID, the sender’s mail address that can deceive any user from considering it to be real, location details of the attempted and a note stating that someone tried to sign in to your Google account. The mail also contains some links which when clicked will lead you to a domain that also looks like it belongs to Google, and which sports a spoofed login page and some details related to your account.
And if you sign in using that page then the information you enter will be taken up by rouge to harvest your ‘Google account credentials’.
What to do ?
-
- In Gmail, open the suspicious message.
- Click the down arrow next to “Reply”.
- Select Report Phishing. Google will look forward for further actions to be taken.
- If you want to log in and change your password use original Google login page and change your password do not click on any link provided.
A Real Mail Sent by the Google
The mail sent in the name of Google may be a legit one, so it is better to review your recent activity. Actually, it is a bit difficult to recognize and differentiate a spoof mail as it can be undiscerning to a user. For example, a spoofer may use Greek ‘o’ instead Latin ‘o’ e.g example@google.com, it is difficult to differentiate. Google’s website states:
A spoofed mail may ask for personal information like usernames, passwords, or other identification information, or send you to unfamiliar websites asking for this information.
Source: Google
What to do?
To be on the safer side do not click on any links provided in the mail even if it seems to be legit. Open your Google account page in a new tab if you wish to make any necessary changes in your account.
Check for suspicious account activity
- Go to your Recent Activity page.
- Sign into your account.
- Review your recent activity and look for unfamiliar locations or devices. You can also click on any event in the list to see more details about it on the right.
- If you see any activity you don’t recognize, click Change password at the top of the page.
- Follow the steps to change your password.
Change your password to long, unfamiliar and complex type.
If you find something suspicious, report it as spam.
Gmail Rejecting SMTP Authentication as Suspicious Sign in
If you get an error “SMTP Error: Could not authenticate.” and on checking the mailbox if you find an email stating “Suspicious sign in prevented” then follow the steps to fix the problem and get access to SMTP.
What to do?
- First login to your Google Account.
- Click here and look for an option called “Allow less secure apps”.
- Turn the option ON.
That is it you can now connect to Gmail mail servers using SMTP.
Note: Some apps and devices may not use modern security standards and are less secure, which could leave your account vulnerable.
Google blocking a sign-in attempt to 3rd party clients like Outlook
As promised by Google they started blocking Sign in for third party clients or services which do not meet their security standards. As these apps and devices are more prone to be attacked and easy to break through, Google prevents them from signing showing an error “Password incorrect”.
Some examples of apps that do not support the latest security standards include:
- The Mail app on your iPhone or iPad with iOS 6 or below
- The Mail app on your Windows phone preceding the 8.1 release
- Some desktop mail clients like Microsoft Outlook and Mozilla Thunderbird
Source: Google
What to do?
Update to more secure apps having modern security measures.
- First login to your Google Account.
- Click here, scroll down and look for option called “Allow less secure apps”.
- Turn the option ON.
Now you can access your Google account for all third-party clients like Outlook and Trillian.
Read: Full comprehensive guide to get used to with MSN Hotmail Email Account.
Add an Extra Layer of Protection to your Google Account
You can put an extra layer of security to your Google account by adding security code and 2 step verification process.
1. Security code
This security code can be accessed from your Android Smartphone. Google will ask you for the code to make sure the user is authentic in cases where:
- If you sign in from a new location or device.
- If they suspect someone else might be trying to access your account.
To get a security code
- Look for the app called Google settings in App drawer.
- Tap on it and look for an option called Security under services option.
- Tap on security code and select the Google account to avail your code.
This code is only asked where Google’s system find something unusual behavior with your account.
2. Two-Step verification
2-step verification process is much more secure. Just you need to register your mobile number with Google and each time you sign-in to a new device or software using Google account a PIN is sent to your phone which you need to verify. Thus, protecting your account from hackers.
Conclusion: I hope this post was helpful in clearing all your doubts & queries and putting forward to you some solutions and fixes. If you need any assistance please comment below.
This post was last modified on December 16, 2019 11:15 am
View Comments (8)
I have been receiving a sign-in attempt prevented e-mail every single morning for the past 8 months. It looks similar to the example with the no-reply@accounts.google.com address. Every morning, I simply delete it and carry on with my daily task. I change my password on a regular basis and only use my laptop for e-mail. But what do I do to stop it? I cannot carry on like this for eternity?
Thanks you very much for this article