7

I received an email from gaia.bounces.google.com, supposedly from Google, which asked me to click on a link to check my security status. Is this legitimate? I searched with my Norton Safe Search but couldn't find this .com at all.

Dawn Stanza
  • 79
  • 1
  • 1
  • 2
  • Googling the domain name produced lots of hits like [this one](https://support.google.com/mail/forum/AAAAK7un8RUxLyvZFkBSko/?hl=en). That sort of says it all. – Neil Smithline Apr 04 '18 at 04:05

2 Answers2

5

This Google help site tells you how to check for an authenticated message.

To quote:

The message is authenticated if you see:

  • "Mailed by" header with the domain name, like google.com.
  • "Signed by" header with the sending domain.

The message isn't authenticated if you see a question mark next to the sender's name. If you see this, be careful about replying or downloading any attachments.

When an email isn't authenticated, that means Gmail doesn't know if the message is coming from the person who appears to be sending it.

What this translates to, is the following: if the message is authenticated, the sender that is displayed is really the person or system that sent the message.

That does not mean though, that every authenticated message that you receive from a person or system is a legitimate non-phishing message. The likelihood is however very much increased.

Because there are very little details in your question, here are two other questions that might help you:

  • for identifying phishing mails in general refer to this one
  • and also have a look at this one, because it could be a duplicate to yours.
Tom K.
  • 7,913
  • 3
  • 30
  • 53
0

Is there a possability this is not phishing

Maybe, this seems like a legit email similar to the one you recieved, even though the email seems on first impression to be very likely to be spam.

How should I respond to suspicious emails

  • Do not click links in the email
  • Navigate to the site mentioned manually
    • In this case googling google security checkup gives a link to here

The advice from the link above seems to mirror this:

Holmes stressed that when someone receives an alert like this, the right thing to do is to first “take a deep breath,” and then open a new browser window and manually type and navigate to the settings of the service in question (in this case, to myaccount.google.com/security-checkup) and see what’s going on there, without ever clicking on the link in the email.

jrtapsell
  • 3,169
  • 15
  • 30
  • The email is very likely not spam if it really is from the mentioned sender. Check Neil Smithline's comment on OP's question. – Tom K. Apr 04 '18 at 07:01