8 Facts to Know About Suspicious Activity Login

It’s easy to let your guard down when it comes to suspicious activity – especially if you feel like you have a handle on all the big tips and tricks. But cybercriminals are always looking for new ways to scam unsuspecting users, so as technology evolves, so do their methods. Scammers are targeting diligent privacy seekers with this “Unusual Sign-In Activity” scam across all platforms. 

The trickery here is rather straightforward: sending a message saying someone tried to log into your account, and the senders of these emails count on you being frazzled enough to react without giving it a second thought. The message typically looks something like this:

A user just logged into your account from a new device Samsung S21. Please verify if this is you by logging in here. 

Thanks,

The Facebook Team

So, what happens when you click on the link? One of two things may occur:

1. You will be directed to a phishing page that looks like the regular account log-in page to trick you into providing your credentials. 
2. A pre-formatted email in your client of choice will pop open for you to respond to the creators, and anybody replying will request your login details through a booby-trapped attached document. 

It’s important to note that this scam has been used not only for social media sites but also for bank accounts, email accounts, and so much more, but the outcome is always the same – trying to trick you into logging in so they can take over your account. 

Does Google tell you when someone tries to log into your account?

Yes, Google provides security features that can notify you when someone attempts to log into your Google account. Google allows you to review the sign-in history for your account. You can see a list of devices that have accessed your account and their locations.  If Google identifies what it considers to be a potentially unauthorized login, it will send you a security alert via email or a notification on your device.

What triggers suspicious activity login?

Suspicious activity logins are triggered for a few reasons:

Unfamiliar Location: If you log in from a location that your account has not been accessed from before, it can raise suspicion. This may be a different city or country.

Unfamiliar Device: Access your account from a new or unregistered device, especially if it’s one you’ve never used for login before? Flag this as suspicious.

Multiple Login Attempts: A series of failed login attempts within a short timeframe can trigger suspicion. It might indicate a brute-force attack where someone is trying various combinations to guess your password.

Access from a Known Malicious IP Address: If login attempts come from an IP address known for malicious activities, it can trigger suspicion.

Failed Authentication: Repeated failed authentication attempts or providing incorrect credentials multiple times can raise suspicion.

Unusual Time of Access: Consider logins at unusual times or during periods when you typically don’t access your account as suspicious.

High-Risk Countries: View logins from countries or regions with high cybercrime or hacking activity with caution.

Access to Sensitive Information: Attempts to access sensitive or privileged areas of your account or service may trigger additional security measures.

Should I worry if a scammer has my email address?

If a scammer has your email address, they can target you for phishing attacks, and it will be easier for them to initiate an account takeover of accounts associated with that email address.  Notice unusual or unauthorized activity in your email account or suspect a compromise? Act immediately. Change your password, enable 2FA, and contact your email provider’s support for assistance if needed.

Do they know my password?

“Unusual login attempt” alerts often indicate phishing scams, not actual knowledge of your password.

How do I know if a security alert is real?

Take all the necessary steps to ensure the authenticity of an alert to outsmart the scammers:

How to Avoid Online Suspicious Activity

• Check the Sender’s Email Address: Examine the sender’s email address carefully. Official Google security alerts will come from an email address with the “@google.com” domain. Be wary of emails from suspicious or unrelated domains.

• Look for Logo and Branding: Legitimate security alerts typically feature the company logo, consistent branding, and a professional layout. Be cautious of emails that lack these elements or appear unprofessional.

• Read the Content Carefully: Analyze the content of the email. Beware of messages with grammatical errors, spelling mistakes, or a sense of urgency designed to create panic.

• Don’t Click on Suspicious Links: Don’t click links or download attachments in emails requiring sensitive information. Instead, open your web browser and access your account directly.

• Enable 2FA: Verify emails suggesting 2FA or recovery updates by enabling 2FA directly in your account settings.

• Independently Verify the Information: Even if the email seems genuine, it’s a good practice to independently verify the information provided. Go directly to the company’s official website or use your mobile app to check your account activity, settings, and security status.

• Contact Support: If you have doubts about the email’s authenticity, contact support through official channels, such as the “Help” section on the company website. 

• Use a Password Manager: A reliable password manager can help protect you from phishing attacks by automatically filling in your credentials on legitimate websites. This can prevent you from falling for fake login pages in phishing emails.

It’s important to stay vigilant and take action if you receive a security alert about an unauthorized login attempt. Suspect a compromised account? Immediately change your password, review your account settings and enable 2FA for added security. Regularly monitoring your account activity and promptly addressing any suspicious logins can help protect your accounts from unauthorized access. Stay safe out there!

Categorised in: Online Privacy

This post was written by Adrian Yang