Posted March 24, 2010 3:47 pm by with 0 comments

Tweet about this on TwitterShare on LinkedInShare on Google+Share on FacebookBuffer this page

Gmail has added a new security feature to identify suspicious logins to your account. Using the broad geographic region of IP addresses logging in, Google says, “a login appearing to come from one country and occurring a few hours after a login from another country may trigger an alert.” The red alert bar displays above the email box:

The feature is activated by default and will be coming to Google Apps customers soon. This may be a little inconvenient if you travel a lot, but you can click “Ignore” on the warning and move on with your life. If you’re not traveling, or are worried about the activity, the “Details” link shows the geographic areas of the last several logins. If you think your account has been hacked, you can also change your password from that screen.

But . . . is it just me, or does this example (the first paragraph from the blog announcement) seem a little . . . out of context?

A few weeks ago, I got an email presumably from a friend stuck in London asking for some money to help him out. It turned out that the email was sent by a scammer who had hijacked my friend’s account. By reading his email, the scammer had figured out my friend’s whereabouts and was emailing all of his contacts. Here at Google, we work hard to protect Gmail accounts against this kind of abuse. Today we’re introducing a new feature to notify you when we detect suspicious login activity on your account.

I got one of those emails a few weeks ago from someone I knew wasn’t traveling, and I’ve seen the same scam attempted on Facebook always—asking for money in London. The hackers don’t care where you are—but if you were actually in London, this new feature wouldn’t help, since it wouldn’t look like suspicious activity to Google (if the user had already established they were in London) or the user (if they checked the warning flag) at all.

Regardless, the new feature is a nice (although by no means comprehensive) way to track suspicious account activity.

What do you think? Is this feature useful, or more likely to get in the way?