Here's What You Need to Do If You Receive the 'Review Blocked Sign-In Attempt' Message

Have you ever wondered how popular Google services are? The company has released an official report stating that it now has 7 products with more than 1 billion users. These include Gmail, YouTube, Google Play, Maps, Chrome, Search, and Android. No doubt Google is one of the top tech companies in the world, and we probably would not find a single person living in the modern world who has never heard of any of its services. Hackers are also well aware of the fact that millions of users use Google services every day, so it is not surprising that this particular group of Internet users has become a huge target for hackers.

According to research conducted by Google between 2016 and 2017, cybercriminals try to break into Google accounts constantly. Unfortunately, their attempts are often successful. The study has revealed that hackers obtain nearly 250,000 credentials every week, which is an extremely overwhelming number. Google understands the seriousness of the given situation, and, luckily, the company does not leave users to take care of their online security on their own. The company has recently installed new tools that recognize suspicious activity and inform users about it. To be more specific, Google now sends Review Blocked Sign-In Attempt messages to users when an attempt to log into the user's Google account from a suspicious app/service is detected.

Why do I see the Review Blocked Sign-In Attempt message?

We use the Google Account ID to sign-in to a number of third-party services these days, be it a discussion board, a dating app, or an online photo gallery. This is no doubt useful since users do not need to create yet another account to use the service. Believe us, it might be a pain to keep track of all login credentials. Additionally, it is considered a safer practice since the service provider does not get the user's password. Unfortunately, a bunch of third-party services popular among users do not meet high security standards set by Google. To put it another way, they are more prone to be hacked by cybercriminals and thus are not considered reliable by security experts. Some examples of apps that do not support the latest security standards are listed below:

• The Mail app with the version 6 or below installed on an iPhone or iPad
• The Mail app on the Windows Phone older than the Windows Phone 8.1 release
• Some email clients like Mozilla Thunderbird

If Google detects an attempt to sign-in to the user's Google Account from a suspicious app/service, the sign-in attempt is immediately prevented and the Review Blocked Sign-In Attempt message is sent to the affected user's Gmail. This explains why it is often referred to as the Gmail security email. Some users find all these security messages extremely irritating, but there is no need to be angry at Google – the company simply takes security measures to improve users' accounts security.

I have received the Gmail security message. What are my options?

Have you recently tried to sign-in to the third-party app or some kind of service using your Google Account credentials? If so, do not be surprised that you have received the Gmail security email. In this case, you have two options: 1) stop using the app/service considered less secure completely OR 2) update your Google Account security settings, i.e. turn on the feature that allows less secure apps and services to access Google Account (please find instructions below). To be frank, Google does not recommend doing that. Yes, you could log into your Google Account using the third-party app/service freely and do not bother about the Review Blocked Sign-in Attempt message anymore, but this may leave your account vulnerable.

How do I change account access for less secure third-party apps?

1. Log into your Google Account.
2. Access the Less secure apps section.
3. Enable Allow less secure apps.

You should take immediate action if you have never received the Review Blocked Sign-In Attempt message when logging into a non-Google application/service before, or you cannot recognize recent activity the Gmail security email has informed you about. The Gmail security email received may be a sign that unauthorized people have your Google Account password. In such a case, change your password immediately and, additionally, set up Google 2-Step Verification to add a layer of protection. The worst you can do in such a situation is to ignore the email received and take no further action.

How do I change my Google Account password?

1. Log into your Google Account.
2. Click Signing in to Google under Sign-in & security.
3. Choose Password.
4. Sign in again if asked.
5. Enter a new desirable password.
6. Select Change Password.

Be careful, scammers want your credentials

While the legitimate Review Blocked Sign-In Attempt message is sent to users to warn them about the possible security breach, cybercriminals might create a fake Gmail security email and then distribute it to selected users expecting that at least some of them will fall for it. This is called phishing. Usually, phishing attacks are performed by hackers to obtain sensitive information such as usernames and passwords. According to the study, 12.4 million users' credentials could have been stolen using phishing scams during the period 2016-2017. It is not very likely that hackers will ditch this hacking method in the near future, so learn how to recognize a phishing email before it is too late.

It is not that easy to recognize phishing emails, but we do not say that it is impossible. First and foremost, check the email you have received for spelling mistakes. If it contains major mistakes or poor grammar, it is not the legitimate Gmail security email, we can assure you that. Second, legitimate companies will never ask you to send them your username, password, or other information that can identify you via email. Third, they will never include links leading to unfamiliar websites in their messages. Last but not least, be careful with emails that require immediate action and/or provoke fear – this might be a scam.

It is great news that more and more companies install new security tools to help users protect their online accounts against hackers, but it does not mean that users can now sit and do nothing because hacking is still a regular occurrence nowadays. What you can do to strengthen your account's security today is to set a complex password. You do not need to come up with a strong password for your account yourself. Use the Password Generator integrated in Cyclonis Password Manager to generate a secure password automatically instead. Click here to learn more.