Hacking your own GMail account

Today I received this scary email entitled "Suspicious sign in prevented":

Victor,

Someone recently tried to use an application to sign in to your Google Account, ... We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt:

Tuesday, July 10, 2012 4:18:41 PM GMT
IP Address: 66.87.4.45 (spcsdns.net)
Location: Bethesda, MD, USA

If you do not recognize this sign-in attempt, someone else might be trying to access your account. You should sign in to your account and reset your password immediately. Find out how at http://support.google.com/accounts?p=reset_pw

If this was you, and you want to give this application access to your account, complete the troubleshooting steps listed at http://support.google.com/mail?p=client_login

Sincerely,
The Google Accounts Team

After checking my public IP (of course I know it by heart, but just in case =)) and making sure that it is not even close to 66.87.4.45, I decided to change my password.

But after a cup of coffee and some thoughts, the identity of a mysterious hijacker was exposed - it was myself. To be exact, it was my recently bought Android phone acting on my behalf. When I stepped out of my apartment to buy coffee, it switched from WiFi to mobile network data connection and tried to fetch some emails.

The only thing that I don't understand, is why Google linked the phone's IP with suspicious domain and location, while other IP locators, such as ip2location.com, had no problems identifying it as belonging to the SPRINT network.

Anyway, changing your password from time to time is not a bad idea =). I'll think of it as a test alarm that will make me prepared for real threats.

Comments

Enkouyami
Thanks for that post. I was wondering why I kept seeing that message and I kept changing my password every time to something more complicated, wondering how spcsdns.net kept getting it.
comments powered by Disqus