What to do about Gmail Message [Attempt] Suspicious Sign-in Prevented ?

Received Email from Google stating Sign-in attempt prevented or Suspicious sign-in prevented. Causes could be failure of SMTP or Outlook authentication

If you have received a mail from Google stating that a ‘sign-in attempt prevented’ or ‘Suspicious sign-in prevented’ then someone might have attempted to sign-in using your ID or probably you might have tried signing to a 3rd party client or app like outlook which Google blocked due to clients low-security standards. The mail may also come when trying to connect your Gmail servers using SMTP authentication.

Here are some solutions, discussions, fixes, and analysis based on different conditions under which you may have got mail:

A Fake Mail Sent in the Name of Google

An email is being circulated which looks very convincing and official, like a notice from Google stating “Sign-in attempt prevented”. This has turned out to be a bogus mail, spotted by security researchers as a phishing attempt to get your account info. An example of  such a fake mail is shown below:

Fake Mail stating suspicious sign in

Fake Mail stating suspicious sign in

The mail is equipped with a Google logo and contains your email ID, the sender’s mail address that can deceive any user from considering it to be real, location details of the attempted and a note stating that someone tried to sign in to your Google account. The mail also contains some links which when clicked will lead you to a domain that also looks like it belongs to Google, and which sports a spoofed login page and some details related to your account.

And if you sign in using that page then the information you enter will be taken up by rouge to harvest your ‘Google account credentials’.

What to do ?

    1. In Gmail, open the suspicious message.
    2. Click the down arrow next to “Reply”.
      Reply drop-down arrow
    3. Select Report PhishingGoogle will look forward for further actions to be taken.
  • If you want to log in and change your password use original Google login page and change your password do not click on any link provided.

A Real Mail Sent by the Google

Google Sign in prevented mail

Google Sign in prevented Google mail

The mail sent in the name of Google may be a legit one, so it is better to review your recent activity. Actually, it is a bit difficult to recognize and differentiate a spoof mail as it can be undiscerning to a user. For example, a spoofer may use Greek ‘o’ instead Latin ‘o’ e.g [email protected], it is difficult to differentiate. Google’s website states:

A spoofed mail may ask for personal information like usernames, passwords, or other identification information, or send you to unfamiliar websites asking for this information.

Source: Google

What to do?

To be on the safer side do not click on any links provided in the mail even if it seems to be legit. Open your Google account page in a new tab if you wish to make any necessary changes in your account.

Check for suspicious account activity

  1. Go to your Recent Activity page.
  2. Sign into your account.
  3. Review your recent activity and look for unfamiliar locations or devices. You can also click on any event in the list to see more details about it on the right.
  4. If you see any activity you don’t recognize, click Change password at the top of the page.
  5. Follow the steps to change your password.

Change your password to long, unfamiliar and complex type.

Easily Change Gmail or Google Account Password & Recovery Information

If you find something suspicious, report it as spam.

Gmail Rejecting SMTP Authentication as Suspicious Sign in

If you get an error “SMTP Error: Could not authenticate.” and on checking the mailbox if you find an email stating “Suspicious sign in prevented” then follow the steps to fix the problem and get access to SMTP.

What to do?

  1. First login to your Google Account.
  2. Click here and look for an option called “Allow less secure apps”.

    Allow less secure apps

    Allow less secure apps

  3. Turn the option ON.

That is it you can now connect to Gmail mail servers using SMTP.

Note: Some apps and devices may not use modern security standards and are less secure, which could leave your account vulnerable.

Google blocking a sign-in attempt to 3rd party clients like Outlook

As promised by Google they started blocking Sign in for third party clients or services which do not meet their security standards. As these apps and devices are more prone to be attacked and easy to break through, Google prevents them from signing showing an error “Password incorrect”.

Some examples of apps that do not support the latest security standards include:

  • The Mail app on your iPhone or iPad with iOS 6 or below
  • The Mail app on your Windows phone preceding the 8.1 release
  • Some desktop mail clients like Microsoft Outlook and Mozilla Thunderbird

Source: Google

What to do?

Update to more secure apps having modern security measures.

  1. First login to your Google Account.
  2. Click herescroll down and look for option called “Allow less secure apps”.
  3. Turn the option ON.

Now you can access your Google account for all third-party clients like Outlook and Trillian.

Read: Full comprehensive guide to get used to with MSN Hotmail Email Account.

Add an Extra Layer of Protection to your Google Account

You can put an extra layer of security to your Google account by adding security code and 2 step verification process.

1. Security code

This security code can be accessed from your Android Smartphone. Google will ask you for the code to make sure the user is authentic in cases where:

  • If you sign in from a new location or device.
  • If they suspect someone else might be trying to access your account.

To get a security code

  1. Look for the app called Google settings in App drawer.
  2. Tap on it and look for an option called Security under services option.
  3. Tap on security code and select the Google account to avail your code.

This code is only asked where Google’s system find something unusual behavior with your account.

2. Two-Step verification

2-step verification process is much more secure. Just you need to register your mobile number with Google and each time you sign-in to a new device or software using Google account a PIN is sent to your phone which you need to verify. Thus, protecting your account from hackers.

Setup Google’s 2-Step Verification Easily to Secure Account

Conclusion: I hope this post was helpful in clearing all your doubts & queries and putting forward to you some solutions and fixes. If you need any assistance please comment below.

If you've any thoughts on What to do about Gmail Message [Attempt] Suspicious Sign-in Prevented ?, then feel free to drop in below comment box. Also, please subscribe to our DigitBin YouTube channel for videos tutorials. Cheers!

Nikhil Azza
Nikhil is a Tech Blogger who sometimes loves to write real-life lore. He has been writing content for the past 8 years, with over 1K+ articles written on Android, Mac, iOS, Social Media, Cloud Storage, Software, and General Tech. Know More

8 Responses

  1. Mariette says:

    I have been receiving a sign-in attempt prevented e-mail every single morning for the past 8 months. It looks similar to the example with the [email protected] address. Every morning, I simply delete it and carry on with my daily task. I change my password on a regular basis and only use my laptop for e-mail. But what do I do to stop it? I cannot carry on like this for eternity?

  2. anh hop says:

    Thanks you very much for this article

  3. Mandila says:

    Many thanks really beneficial. Will share website with my buddies.

  4. Jerry says:

    I just got one of these fake emails. It said that it happened on Wednesday, April 10th, 2017. Red flag went up immediately, because the 10th of April fell on Monday, not Wednesday.

  5. trisha says:

    Hi, i jsut want to ask, Google said that they prevented someone from signing into my account. I just want to know if they really prevented like they didnt allow the person to sign in or was he able to get through my stuffs?

    • Nikhil says:

      No access was given to any third person. But an app with low-security measures might be asking for your account access which triggered the warning message.

    • Matt says:

      I had one where they blocked access, but then 10 minutes later allowed them in. They sent emails from my account and even blocked a certain address causing it to go to the spam folder

  6. best seo blog says:

    Really Intriguing

Leave a Reply

Your email address will not be published. Required fields are marked *