I have been using Gmail for a few years now and have come to love their spam filtering and security among other things. Gmail was probably one of the first free email provider to allow users to see where they logged in from and also provide an additional security layer with 2-step verification logins.
Some of the most interesting features in Gmail have been the ability to detect suspicious emails from your contacts, ability to alert you whenever any suspicious activity takes place in your account and the feature which alerts you whenever any filters have been setup to forward emails to another account.
However, there is a chance that most of the users do not access their accounts through the web interface and instead prefer using IMAP, notifying such types of accounts is harder. To overcome that problem Gmail has now started sending out emails to users saying that they have detected and prevented a suspicious login from an unknown location.
The email which arrived in my inbox earlier today can be seen in the image above. The message reads:
Keith,
Someone recently tried to use an application to sign in to your Google Account, [redacted]. We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt:
May 8, 2012 8:37am GMT
IP Address: 204.15.240.72
Location: Sunnyvale, California, United StatesIf you do not recognize this sign-in attempt, someone else might be trying to access your account. You should sign in to your account and reset your password immediately.
Sincerely,
The Google Accounts Team
This email approach from Gmail seems to be new and will allow users who don’t access the web interface to find out if their account is being compromised. It is not clear though whether the user was able to login successfully or not. Nevertheless, you should definitely change your password if you receive it.
If you need help generating strong passwords, you can check out 4 unique apps to generate strong passwords.
Update: For all those asking I had already confirmed that this is a legit email and a Gmail community manager has also confirmed this it is legitimate in a stack exchange thread:
I am the Gmail Community Manager, and I can confirm that we do send email notifications in certain cases such as described here.
Always carefully check the URL and never enter your Google password on a page that is not hosted at google.com.
Update 2: Turns out that Google is now actively blocking login attempts from services like Plaxo and Dropbox. A thread on Dropbox reports similar emails being sent out to users.