This appears to be a legitimate email from google regarding an attempt to use my password to log into google. Sent to an old AOL account i keep for trash. They used the first half of my AOL address with an @googlemail.com, which is close to a googlemail address i actually have and asks me to log in to verify the activity.

Im not sure how they intend to access my gmail accounts as this is a legitimate email from google and would direct me to the google accounts page so they would not have visibility of my passwords i use to try to log in.

Im not sure what this is.

Why would they use my AOL email address as a recovery account for a fake gmail account i dont have access to? How to they intend to get my log in details this way?

Any thoughts anyone?

Ps hope this is the roght place for this question.

  • PonyOfWar@pawb.social
    link
    fedilink
    English
    arrow-up
    16
    ·
    6 months ago

    If you have a short-ish email address, someone might have just set it as their recovery address by mistake. I also have a pretty old, short gmail address and people have registered it as their recovery address before, so I would get mails whenever they logged in on a new device etc. Don’t think those were phishing attempts, just people being technologically inept.

    • brsrklf@jlai.lu
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      edit-2
      6 months ago

      I have an old gmail account that’s just my first name initial and my last name.

      Occasionally I get mails from shady people, like “coaches” spewing pseudoscientific fake psychology bullshit. Turns out there’s a guy that barely knows how to write and has a similar name to mine who regularly gives my address to people.

      I tried telling them about the address (there was what I assume was a family contact in CC). I don’t think it registered at all. Makes me rather uneasy.

  • walter_wiggles@lemmy.nz
    link
    fedilink
    English
    arrow-up
    15
    arrow-down
    1
    ·
    6 months ago

    If you message me your Google password then I’ll check for you. That way you won’t be at risk for catching a virus. You can never be too careful these days.

  • deadcade@lemmy.deadca.de
    link
    fedilink
    English
    arrow-up
    8
    ·
    6 months ago

    Do NOT click the link. Instead, go to google.com yourself, go to your account settings, and “check activity”. If there’s anything suspicious (like an attempted login from another country), reset password and ensure 2FA is enabled. Otherwise, you can safely ignore/delete the email. (But still enable 2FA for better protection)

  • Illecors@lemmy.cafe
    link
    fedilink
    English
    arrow-up
    5
    ·
    6 months ago

    I think this is a legitimate email. What it’s saying is that your google password is compromised. Google blocked the login attempt for other reasons, but please change your password.

  • Zeppo@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    4
    ·
    6 months ago

    Who knows? You could analyze the email to see if the links are legit. The URL suggested appears to be; don’'t follow it by clicking it though.

  • ConstipatedWatson@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    6 months ago

    When I receive things like this, I make sure to open Gmail from within Firefox with all extensions meant to defend me (like NoScript, unlock origin, privacy badger, https everywhere) and then I hover over the gigantic button “check my activity” and see if it leads to a accounts.google.com link.

    Either way, I then copy the link address without clicking on it, and open it in a private window to see what happens. If it’s a scam, the page it opens has a legit looking, but wrong google address (aka, it cannot really end with google.com). Then I just stop having fun and don’t continue nor type anything

    What does it look like in your case?

      • imecth@fedia.io
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        6 months ago

        Firefox knows the difference though, it won’t pull your passwords or login cookies. But yeah, it’s very easy to fall for phishing attempts, I just never click on anything sent in a mail to be safe.