Flood of Gmail "new address" notifications from spammy-named accounts?
September 1, 2015 4:27 AM Subscribe
I have an extremely common first and last name and was "lucky" enough to procure myfirstname.mylastname@gmail.com about a decade ago. I'm used to the normal problems this entails, but now I'm noticing a new one that puzzles me.
For the past 6-8 weeks, there has been an uptick in the number of notifications I've received for new Gmail addresses adding myfirstname.mylastname@gmail.com as their back-up account. I had received these before, and they seemed fairly innocuous, but now I'm getting ~1-2 a day, and they're from spammy accounts, where a person's name is appended by a variation of letters/numbers. For example, I've been notified of a dozen or so new accounts for Jane Doe named thusly:
janedoe.ab2300@gmail.com
janedoe.ab2356@gmail.com
janedoe.ab4894@gmail.com
janedoe.ab5823@gmail.com
etc.
Gmail legitimately offers a way to opt-out of this connection: I can click a link in the notification email to "disavow" this account being connected to mine. I used to do this, when the account names were more innocuous, but now I'm starting to worry that someone is spoofing (has spoofed? is trying to spoof?) the notification page, and somehow I'll get phished or some other bad thing will happen. At the same time, I'd rather not have an infinite number of random, fake accounts attached to mine.
Why might this be happening? Is there anything else I should be worried about, besides the phishing? Like, maybe they're trying to make my account look fake, by attaching a bunch of fake accounts to it, so that it makes Gmail's spam filters less effective? Something just seems...off, and I can't figure out who is benefiting and how, and whether I should keep clicking the disavowal links in the notification message.
For the past 6-8 weeks, there has been an uptick in the number of notifications I've received for new Gmail addresses adding myfirstname.mylastname@gmail.com as their back-up account. I had received these before, and they seemed fairly innocuous, but now I'm getting ~1-2 a day, and they're from spammy accounts, where a person's name is appended by a variation of letters/numbers. For example, I've been notified of a dozen or so new accounts for Jane Doe named thusly:
janedoe.ab2300@gmail.com
janedoe.ab2356@gmail.com
janedoe.ab4894@gmail.com
janedoe.ab5823@gmail.com
etc.
Gmail legitimately offers a way to opt-out of this connection: I can click a link in the notification email to "disavow" this account being connected to mine. I used to do this, when the account names were more innocuous, but now I'm starting to worry that someone is spoofing (has spoofed? is trying to spoof?) the notification page, and somehow I'll get phished or some other bad thing will happen. At the same time, I'd rather not have an infinite number of random, fake accounts attached to mine.
Why might this be happening? Is there anything else I should be worried about, besides the phishing? Like, maybe they're trying to make my account look fake, by attaching a bunch of fake accounts to it, so that it makes Gmail's spam filters less effective? Something just seems...off, and I can't figure out who is benefiting and how, and whether I should keep clicking the disavowal links in the notification message.
I do get a bunch of those as well,, and have had some bad experiences with people trying to use my name or email to procure services.
At this stage I recommend using a password manager, changing your password to a very complicated string, and enabling two factor authentication.
I read about standard techniques to get into your email was to link two accounts, and then asking for the password to the first one. So, yeah, enable your SMS verification.
posted by kadmilos at 5:56 AM on September 1, 2015 [1 favorite]
At this stage I recommend using a password manager, changing your password to a very complicated string, and enabling two factor authentication.
I read about standard techniques to get into your email was to link two accounts, and then asking for the password to the first one. So, yeah, enable your SMS verification.
posted by kadmilos at 5:56 AM on September 1, 2015 [1 favorite]
My guess is that someone is making a bunch of accounts to use to send spam and perhaps accepting a default option to connect the accounts to yours. You could try reporting the addresses for abuse.
posted by exogenous at 11:36 AM on September 1, 2015
posted by exogenous at 11:36 AM on September 1, 2015
Response by poster: Thanks, I use a password manager, and two-factor authentication is turned on. Also, if they're claiming that *my* email is the back-up, then shouldn't I be able to change *their* password? I didn't think it worked both ways, though, that seems like it would be a security nightmare.
posted by unknowncommand at 9:35 PM on September 1, 2015
posted by unknowncommand at 9:35 PM on September 1, 2015
« Older re-using a non-traditional wedding dress | Help me identify these particularly delicious... Newer »
This thread is closed to new comments.
Maybe they're fishing for unused accounts? I couldn't figure out what the scam was either, but changing my password seemed to stop it, at least for now.
posted by ralan at 5:17 AM on September 1, 2015