Ever notice the line of text near the bottom of your Gmail account that tells you about your last account activity? If you click on Details, a chart pops up showing the how (browser, mobile, etc.), by whom (IP address) and when your email account was recently accessed.
If you’re not familiar with this Gmail feature, you may want to as it could be useful information should you think that someone else has accessed your email account. It even allows you set an Alert preference to notify yourself in the event of any unusual activity, or disable if you may be traveling and apt to trigger “unusual activity”. To enable/disable, simply click on the change link next to Show an alert for unusual activity. Note that you will have the option to never show an alert for unusual activity and that Google needs about a week to disable this feature, just to ensure that the alerts were turned off maliciously by someone else.
The following information is excerpted from Google’s Help documentation on Last account activity. Please visit that link for an unabridged version.
HOW TO USE THIS DATA
If you’re concerned about unauthorized access to your mail, you’ll be able to use this data to find out if and when someone gained access (it’s information Google would use to troubleshoot unauthorized account activity). Does the Access Type column show any unusual access? If you don’t use POP to collect your mail, but your Recent activity table is showing some POP access, it may be a sign that your account has been compromised.
The IP address column is also useful. The last 5 IP addresses and the associated location are listed, based on Google matching your IP address to a broad geographical location. If you always or most often sign in to Gmail using a single computer, your IP address should be the same, or start with the same two sets of numbers (for example, 172.16.xx.xx). If you’re seeing an IP address that differs greatly from your usual IP address, it could either mean that you’ve recently accessed your mail from a different location, or that someone else has accessed your mail. Your current IP address is displayed below the Recent activity table. In addition, you may notice that the location and IP mappings may not always be accurate, especially in cases where the logins are old.
In addition, some mobile providers and internet proxies may also appear in your recent login history, and in some cases, may appear to come from a different geographic location than you are normally based in.
If your mail is currently being accessed from another location, the other session(s) in the Concurrent session information table are listed. This could mean that you simply have another browser window open with Gmail loaded, or that your home computer is logged in to Gmail while you’re accessing your mail from work. If you’re concerned about any concurrent access, you can sign out all sessions other than your current session by clicking Sign out all other sessions.
If you’re uncertain or you don’t recognize the activity, this may be an indication that your account has been compromised via malware, often bundled with other free downloads without your knowledge. Be sure to run a scan on your computer with a trusted anti-virus software. If the scan detects any suspicious programs or applications, get rid of them immediately.
Google will also send you alerts if they determine an unusual pattern of accessing your account. Read more about this service.
Tip: You can change your GoogleApps password using www.brown.edu/myaccount. Note that you will need your Brown network password to log into the site.