You are reading a single comment by @CYOA and its replies.
  • I have two domains using google apps/gmail etc. The backup email for them is a single hotmail account.

    About a week ago I had an email advising I change the password of Domain 2 after a sign-in from a less secure app was prevented. I checked in myaccount.google.com/security-checkup and it seemed legit. The email notification was clear and accurate. It appeared to be from a google domain. I changed the password (in fairness the old password was well overdue a change).

    I've just had another email to my backup hotmail address subject: "Critical security alert". Again, it seems to be from a legit address (no-reply@accounts.google.com) but I understand phishing is sneakier than ever these days. I've opened the email but not clicked any links.

    It reads:

    Sign-in attempt was blocked *****@ hotmail.com

    Someone just used your password to try to sign in to your account. Google blocked them but you should check what happened.

    CHECK ACTIVITY


    Hovering over the button suggests it takes you to the account chooser on google but will try to autofill the hotmail address which seems odd. It doesn't mention either Domain 1 or Domain 2 which actually use gmail.

    I tried to check-security on both domains but had no security events showing. I've changed the password for the hotmail account from a new browser. Is there anything more I can do/need to do?

  • 2FA if you haven't already.
    Don't follow the links they provide, make your own way to the relevant page for changing your password.
    And have I mentioned 2FA?
