Attempt to setup my gmail as recovery mail by random people
I am just curious if anyone experienced the following and have any insight to add to this.
Once in a while, I notice some random person attempting to setup my gmail account as their "recovery" mail. I dismiss this attempt as mistyping of account name and not a deliberate effort. Whenever I get the verification request email from google titled "Email verification code: xxx" for this attempt, I just ignore it. There is also a 2nd email from google to me with the subject title "Security alert for random_person@gmail.com" which states "The recovery email for your account was changed". Though the mail says it was "changed", I think it is just a notice/alert, not a confirmation of change because the change workflow can not be completed w/ out the verification code. Examining the SMTP headers in the 2nd email, I see the following custom headers google adds which seem to indicate what I suspect (i.e. "change pending")
X-Account-Notification-Type: 2-RECOVERY-anexp#-changed_pending_verification
Feedback-ID: 2-RECOVERY-anexp#-changed_pending_verification:account-notifier
ReachoutTracker: xxxxxxxxxxxxxxxxxxxxxxxx
I'd like security experts here to weigh in on this. And if anyone believes this a deliberate effort to take over account, what does this accomplish other than the random person destroying their ability to recover their own account?
Thanks in advance.
