Google today added an alert to Gmail that warns users of the Web mail service when their account may have been hijacked.
Using several criteria -- including plotting the Internet protocol (IP) address of each successful log-on -- Google
determines whether to sound the alarm, which pops up at the top of a user's account and reads "Warning: We believe your account was last accessed from..." along with the location associated with the log-on.
If an account is accessed from one country, then again a few hours later from a different country, Google would likely sound the alarm. The assumption: The multiple and geographically divergent log-ons would be a clue that the account had been hacked, and was now being used to send spam, spread scams or distribute malware.
"It's actually much more sophisticated than that," said Will Cathcart, a Gmail product manager. "If we determine that an IP down the block [from you] has logged into your account, and has recently logged into lots and lots of accounts, we'll display the warning."