Gmail held hostage until I give Google my cell phone number!

cjmst3k · Jun 23, 2010

It wouldn't let me sign in with my correct password, and then it redirected me to a page where I had to give them my cell phone number to get a text message... why not just say any phone and make a voice message with a number?

...I really hope Google doesn't sell or use my cell phone number for anything.

_________________________

Account temporarily disabled
To immediately restore access to your account, enter your mobile phone number below, and we'll send you a text message with a verification code.
Verification Options
Text Message
Google will send a text message containing a verification code to your mobile phone.
Voice Call
Google will make an automated voice call to your phone with a verification code.
Country
Mobile phone company
Mobile phone number
Phone number
If you're having trouble verifying your account, please report your issue.

If you are unable to restore your account using a mobile phone, you can also contact support for further assistance.

We apologize for the inconvenience. Accounts may be disabled because of a perceived violation of either the Google Terms of Service or product-specific Terms of Service. Learn more

Tim Nicholson · Jun 23, 2010

Looks to me like a typical Phishing Scam. Why would Google want your mobile number?

Ignore it, and run a decent anti-malware package on your PC would be my advice.

Paul N · Jun 23, 2010

Why did it get disabled??

Mike Labbe · Jun 23, 2010

It's legitimate, because you forgot the password. You are asking them to send it to the account or phone # on file, right?

If they sent it to any phone, they could break into your account and get the password.

Usually when you set up a gmail, there is a backup email address where it can also be sent. That's usually the other option.

Mike

Framing: · Jun 23, 2010

You could have taken the code by voice on your landline either the option of getting the code was not just restricted to your cell phone.

This method sending verification code is a standard method on many of the Google applications, after all they cannot send it to your email as you were not able to access it.

I have used both methods from Google.

cjmst3k · Jun 23, 2010

That's the thing. I didn't forget the password. I was logged in all day... all week... all month on this computer. I opened a new gmail window, which usually I'm already logged in. This time it had my username already logged in and it my password was auto-typed. I hit the log-in button, but then it gave me that message. Then I went back and retyped my password, and made sure I typed it in correctly, and once again it gave me that message.

Then it I clicked on the other-than-cell-phone option, and in the center of that mostly blank page it said something like:

We've detected suspicious activity on your account:

Reasons that your account may get deleted:
1) Violation of Google's terms and services agreement (paraphrasing, but very close)
2) Google reserves the right to delete any account at any time, with no warning. (paraphrasing, but very close to this wording)

Since I didn't want any chance of them doing that, I figured even if they blatantly sell my phone number to people, having access to my email account is waaaay more important.

....but it was extremely sketchy. They didn't even say what the problem was, and they had me change my password. I wasn't allowed to keep my old password.

Mike Labbe @ GTP said:
It's legitimate, because you forgot the password. You are asking them to send it to the account or phone # on file, right?

If they sent it to any phone, they could break into your account and get the password.

Usually when you set up a gmail, there is a backup email address where it can also be sent. That's usually the other option.

Mike

David Waldmann · Jun 23, 2010

I'm having a similar problem, except it's not asking for my cell phone # (they already have it anyways for reminders).

I use Google Calendar, and leave it open in a tab all the time. I went to it once yesterday and it said I had to re-log in. Entered my password and it comes back to the same page - no error or anything. I used my RoboForm password manager to make sure I hadn't mis-typed; same thing. A whole day later, after repeated attempts, same thing.

David Waldmann · Jun 23, 2010

Oh, and I've been signed in, with the same account and no issues - to Google Docs, the whole time.

cjmst3k · Jun 23, 2010

Here's what the first page said when I couldn't log in:

and here's the page after they texted me the code:

I have no problem doing this, but to "immediately restore access" after I give them my cell phone number to get a code seems a pretty arbitrary way of combating what they called "suspicious activity". Don't "suspicious" people also have cell phones?

Mike Labbe · Jun 23, 2010

This is for your protection, and is because they detected unauthorized access. It's likely that someone from another country got in, and then used it to spread spam or viruses. This is happening to HOTMAIL accounts like crazy in the past few weeks, so it's likely that the same people are targeting GMAIL accounts.

I suggest also doing a scan of your pc with www.malwarebytes.org to make sure there are no spyware or key loggers, which might have stolen and sent the password(s) to a third party.

If the same password was used on multiple forums or sites, it's possible that one of the other sites has been exploited and had its email/password database stolen. (the problem may not be on your computer at all) This happens often, and is an easy way for someone to get into people's email accounts. Some of the dishonest individuals will use special software that tries thousands of different passwords, until it guesses the right one.

Mike

Paul N · Jun 23, 2010

It does seem like your account was compromised (started sending SPAM) and that would cause Google to take those steps.

cjmst3k · Jun 24, 2010

Mike Labbe @ GTP said:
This is for your protection, and is because they detected unauthorized access. It's likely that someone from another country got in, and then used it to spread spam or viruses. This is happening to HOTMAIL accounts like crazy in the past few weeks, so it's likely that the same people are targeting GMAIL accounts.

I suggest also doing a scan of your pc with www.malwarebytes.org to make sure there are no spyware or key loggers, which might have stolen and sent the password(s) to a third party.

If the same password was used on multiple forums or sites, it's possible that one of the other sites has been exploited and had its email/password database stolen. (the problem may not be on your computer at all) This happens often, and is an easy way for someone to get into people's email accounts. Some of the dishonest individuals will use special software that tries thousands of different passwords, until it guesses the right one.

Mike

A number of family friends and people they know have sent me spam emails which I recognized right away as spam, usually with a link that I stayed far away from.

...perhaps it's related. Maybe my account was used to do this too, and I have yet to hear from people my account emailed.

Indyago · Jun 25, 2010

Passwords

I read a email security article recently that made some rather scary claims. It is apparently easier than one would think to hijack an email or other account requiring authentication.

It seems quite a number of users enlist passwords such as "password', one click on the spacebar, a blank password field, and other simplistic or juvenile words or phases that allow for easy cracking by the "hackers" who make a living at this endeavor.

Two other issues were: using the same username and password for all online accounts and not changing the passwords every 30 to 90 days as most services suggest in their usage statements.

Systematically changing the password decreases the odds that someone will crack your account, although even that doesn't insure it. And having different user names for different applications again make it far less likely you will be exposed, although it doesn't guarantee that either.

So, for those of us out there that think "No one would waste time on breaking into my account", or, "How would someone know I even exist?? "They" do, and they try everyday.

Now, enough doom and gloom, how about that US Soccer team! :icon21:

Rob

David Waldmann · Jun 25, 2010

Our bank is instituting a new security system for our (business) online banking. They have issued a handheld electronic "football" (it's about 1/4" thick, 1" wide and 2" long) that requests a code that is good for 30 seconds. You need that, your login and PIN to access your account. Very secure, but impossible to access your account unless you have the football. When my daughter worked at the Arctic Region Supercomputing Center she had something like that for accessing the network remotely and I thought that was pretty extreme. Now it's here for banking. What next?

Paul N · Jun 25, 2010

eBay (and many companies) has a thingie like that: It generates a certain 8 digit number that you enter with your password.

David Waldmann · Jun 26, 2010

For no apparent reason I was suddenly allowed back into my Google Calendar. Funny I never had any trouble with it for the year or so it was "beta"... :shrug:

Gmail held hostage until I give Google my cell phone number!

cjmst3k

SGF, Supreme Grumble Framer

Tim Nicholson

Grumbler

Paul N

SPFG, Supreme Picture Framing God

Mike Labbe

Administrator

Framing:

Guest

cjmst3k

SGF, Supreme Grumble Framer

David Waldmann

The Guru

David Waldmann

The Guru

cjmst3k

SGF, Supreme Grumble Framer

Mike Labbe

Administrator

Paul N

SPFG, Supreme Picture Framing God

cjmst3k

SGF, Supreme Grumble Framer

Indyago

CGF, Certified Grumble Framer

David Waldmann

The Guru

Paul N

SPFG, Supreme Picture Framing God

David Waldmann

The Guru

We value your privacy