Is the mail that came from gaia bounces google com legit?
I've received a suspicious mail in my Gmail inbox, about my password being exposed It comes from gaia.bounces.google.com and is signed by accounts.google.com. But there are two weird things about it:
It is written in Portuguese. I live in Spain (but near the border with Portugal, just in case that's relevant) and usually receive Google mail in spanish.
The mentioned account is a @hotmail one I use as a backup account, not the main Gmail one. It's been listed on haveibeenpwned.com a while ago but I changed all my passwords a few months ago when I started using a password manager.
I cannot see any problem with the signature, and the links on the mail seem legit. I've checked the certificate on the linked website and read this. Is this legit? Does Google warn about other non-Google accounts?
The email you've received from gaia bounces google com is legit, it is signed with the correct certificate of google. However, you are not the first one to raise a red flag for this one, the whole security industry specialised in social engineering is applauding google for the great "phishing attempt". To answer your question, yes google is checking databases of leaked credentials also for your recovery email address. Chrome now has functionality for checking hashes of your passwords (to any account on any website you're logging into) with their database of leaked credentials. This is part of their safe browsing feature.
Answer (1)
If you received an email purportedly from "Gaia Bounces bounces@google.com" and you're unsure about its legitimacy, it's essential to exercise caution and follow these steps to verify its authenticity:
If you received an email purportedly from "Gaia Bounces bounces@google.com" and you're unsure about its legitimacy, it's essential to exercise caution and follow these steps to verify its authenticity:
Check the Sender's Email Address: Verify the sender's email address carefully. While the display name might appear as "Gaia Bounces," the actual email address it was sent from should be scrutinized. If it's not an official Google domain (e.g., "@google.com"), it could be a spoofed or phishing email.
Review the Email Content: Analyze the content of the email for any signs of suspicious or unusual language, requests for personal information, or urgent actions required. Legitimate emails from reputable sources typically have professional and clear communication.
Do Not Click on Links or Download Attachments: Avoid clicking on any links or downloading attachments from the email until you've verified its legitimacy. Links and attachments could lead to malicious websites or malware.
Verify with Google: If you're unsure about the authenticity of the email, you can contact Google's support or security team to verify whether it's legitimate. They can provide guidance on how to proceed and report any suspicious emails.
Check for Known Scams: Search online for any reports or warnings about known scams or phishing attempts related to emails from "Gaia Bounces" or similar sources. Online forums, security websites, and community discussions often share information about phishing attempts targeting users.
Use Security Software: Ensure that you have up-to-date antivirus and anti-malware software installed on your device to detect and prevent any potential threats from suspicious emails.
Report Suspicious Emails: If you determine that the email is indeed suspicious or potentially harmful, report it to your email provider (e.g., Gmail) as phishing or spam. This helps protect other users from falling victim to similar attacks.
By following these steps, you can verify the legitimacy of the email and take appropriate actions to protect yourself and your data from potential threats. If in doubt, it's always better to err on the side of caution and refrain from interacting with suspicious emails.