Is this Google mail from gaia.bounces.google.com legit or another attempt of scam?
I've received the following suspicious mail in my Gmail inbox, about my password being exposed:
As you can see, it comes from gaia.bounces.google.com and is signed by accounts.google.com. But there are two things that seem weird to me:
- It is written in Portuguese. I live in Spain (but near the border with Portugal, just in case that's relevant) and usually receive Google mail in Spanish.
- The mentioned account is a @hotmail one I use as a backup account, not the main Gmail one that I use. It was listed on haveibeenpwned.com some time ago, but I changed all my passwords a few months ago when I started using a password manager.
I cannot see any problem with the signature, and the links on the mail seem legit. I've checked the certificate on the linked website and read this. Is this gaia.bounces.google.com legit? Does Google warn about other non-Google accounts?
The email you've received from gaia.bounces.google.com is legit; it is signed with the correct certificate from Google. However, you are not the first one to raise a red flag for this one; the whole security industry specialized in social engineering is applauding. To answer your question: yes, Google does check databases of leaked credentials also for your recovery email address. Chrome now has functionality for checking hashes of your passwords (for any account on any website you're logging into) against their database of leaked credentials. This is part of their Safe Browsing feature.
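The answer above says Chrome checks hashes of your passwords against a leaked-credential database. The following is an added example, not part of the answer and not Google's own code, showing the basic idea behind a privacy-preserving compromised-password lookup: the client hashes the password, sends only a short hash prefix, receives every suffix in that bucket, and finishes the comparison locally, so the server never sees the full hash. This is the k-anonymity range-query scheme used by the Have I Been Pwned "Pwned Passwords" API (SHA-1, 5-hex-character prefix); Chrome's Password Checkup adds cryptographic blinding on top and differs in its details. The breach list, the `BreachServer` class and the function names are all constructed for this illustration.

```python
import hashlib
from typing import Dict, List

# Constructed stand-in for a leaked-credential database. These are not real
# breach records, just well-known weak passwords used to populate the index.
BREACHED_PASSWORDS = ["password", "123456", "qwerty", "letmein", "hunter2"]

PREFIX_LEN = 5  # HIBP uses the first 5 hex characters of the SHA-1 hash


def sha1_hex(password: str) -> str:
    """Uppercase hex SHA-1 of the password (the hash the range query is keyed on)."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


class BreachServer:
    """Server side: holds breached hashes bucketed by prefix and records what it learns.

    Hypothetical class for this example; it only models what a range-query
    endpoint can observe, which is the prefix and nothing else.
    """

    def __init__(self, passwords: List[str]) -> None:
        self.index: Dict[str, List[str]] = {}
        for pw in passwords:
            h = sha1_hex(pw)
            self.index.setdefault(h[:PREFIX_LEN], []).append(h[PREFIX_LEN:])
        self.observed_queries: List[str] = []  # everything the server ever receives

    def range_query(self, prefix: str) -> List[str]:
        """Return all hash suffixes sharing this prefix (the bucket may be empty)."""
        if len(prefix) != PREFIX_LEN:
            raise ValueError("prefix must be exactly %d hex characters" % PREFIX_LEN)
        self.observed_queries.append(prefix)
        return list(self.index.get(prefix, []))


def is_compromised(password: str, server: BreachServer) -> bool:
    """Client side: reveal only the hash prefix, compare the suffix locally."""
    h = sha1_hex(password)
    prefix, suffix = h[:PREFIX_LEN], h[PREFIX_LEN:]
    bucket = server.range_query(prefix)
    # A suffix match is a full-hash match; an empty bucket means no breached
    # password shares even the prefix.
    return suffix in bucket


def server_saw_full_hash(password: str, server: BreachServer) -> bool:
    """True only if the complete hash ever reached the server (it should not)."""
    return sha1_hex(password) in server.observed_queries


if __name__ == "__main__":
    srv = BreachServer(BREACHED_PASSWORDS)
    for candidate in ["hunter2", "correct horse battery staple"]:
        print(candidate, "compromised:", is_compromised(candidate, srv))
    print("server observed:", srv.observed_queries)
```

The point to take away is in `observed_queries`: even a fully logging server only ever learns a 5-character prefix, which in a realistically sized corpus maps to hundreds of candidate hashes, so the lookup does not disclose which password (or which account) was checked.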