Wednesday, February 10, 2010

Adventures with Gmail

Last week, I had a bit of a Gmail scare. I arrived at the office and did my usual routine of logging onto the computers at my desk, including logging into my Gmail account. I always have it open in the background, because let’s face it, I’m addicted to “the grid.” All was good for most of the morning. Then at about 11am, I turn around to do something on that computer and my browser window has a big warning message:

Account Lockdown: Unusual Activity Detected

The page also listed several possible reasons for this and indicated I’d be in the penalty box for up to 24 hours. (24 hours?!?)

According to Google, unusual activity includes, but is not limited to:

  1. Receiving, deleting, or downloading large amounts of mail via POP or IMAP in a short period of time.
  2. Sending a large number of undeliverable messages (messages that bounce back).
  3. Using file-sharing or file-storage software, browser extensions, or third party software that automatically signs in to Gmail.
  4. Leaving multiple instances of Gmail open.
  5. Browser-related issues.

It’s really hard not to want to panic in this situation, but what can you do? 24 hours seems like a really long time when it comes to email access and I didn’t just want to sit and wait. Ultimately, my access was restored in a few hours, and I learned a few things about the big “G” in the cloud.

My first concern was that my account might have been compromised, so I wanted to change my password. If my account had been compromised changing the password would likely stop any potential abuse (activity #2). I happen to use several Google services, which made it possible to change my password without having access to the email service. Since the “unusual activity” was limited to email, my account itself wasn’t locked, only it’s connection to mail. I could still access Google Reader, etc – any of those services have a portal to the account management. Using that I changed my password, which made me feel a lot better. (I might not have had access to my mail, but I was sure no one else did now either!)

The only devices connecting to my email at the time where the one work computer and my BlackBerry. Perhaps the BlackBerry BIS service was making too many calls to my account? I logged onto the website for that and disconnected that service. I believe BIS uses IMAP to connect (activity #1), so I figured that couldn’t hurt.

I cleared my IE cache, deleted all my cookies and ran a virus scan on my computer (activity #5). I even cleared the cookies and cache on the other machines on my desk even though I don’t usually use them for Gmail access. At this point I was pretty sure I didn’t have any other machines attempting to connect (activity #4). My home computers were off, my office computers were not connected and my BlackBerry service was removed.

I’ve been told the most common cause of this problem is a “cookie gone bad” or the potential false positive on Google’s side, which clear up in a few hours. I would have liked to have access to the Recent Activity page that you can get to from the bottom of your Gmail Inbox. You can use that to close any other sessions (from home computers, for example) and see the IP addresses from your most recent connection points. Turns out that URL doesn’t change, so bookmark it and it will load if you are logged onto any other Google service.

I don’t think I’ll ever know if I was unintentionally abusing the system, but I can’t help but to feel the punishment was punitive, even for a free service. Google is excellent at collecting data - I’m sure they could tell that my account was not newly created, I was a daily user of the service and I had no prior history of excessive usage patterns. Since I do have an alternate email address in the system, a warning notice or a post-lockdown follow-up message giving me some actions to take would have been helpful. I would have happily performed some remediation checks and then clicked a link to have my account rechecked within a hour. The suspension system is automated, so automating a recheck after the user responds to a message shouldn’t be so difficult.

If I was truly a spammer or if I was someone who wasn’t a daily user of Gmail, I may not even care that the service was suspended for 24 hours, but for those of use the service regularly, a little tech support love can go a long way.

1 comment:

  1. I've never had that happen but I think I would be in the same mindset...what is going on?? I like your systematic approach to the problem. I agree with you on more feedback from Google's side would be helpful. Nice post!

    ReplyDelete

MS ITPro Evangelists Blogs

More Great Blogs