7

I was minding my own business, didn't change phone, password, or diet. Then on 3 November 2017 a popup asks for my google password. Is this foul play or just bad googly manners? Should I comply, ignore, or panic?

This question may be similar to the one about the en masse Google verification request last February. I thought it might be useful to ask a new question with new verbatim text from the message for search purposes.

I just received this notice on my Samsung S4 Active with Android today, identified by a wrench icon (not shown) in the status bar. It said something about updating my phone number (also not shown).

Google

To continue, first verify it's you

Enter your password

Google sign-in. "To continue, first verify it's you"

Naturally, an unexpected request for password is cause for concern. When I long-push the home button I see the app identified with a googly logo.

enter image description here

The answer from @LieRyan seems reasonable "...don't sign in on the password prompt on the notification bar. Instead, go to one of the Google Apps or System settings and trigger the login dialog from there." But nothing I've tried has triggered a login dialog. E.g. Inbox works without a new login.

My question is, how can I determine whether this is a phishing request? I assume the logo on the app can be spoofed by some app I don't remember installing.

Bob Stein
  • 175
  • 1
  • 7
  • 3
    Have you tried changing the number on another device via https://myaccount.google.com/privacy#personalinfo? Its also worth trying a fake password. If its not rejected then you know its phishing - although it being rejected doesn't guarantee it is not. Similar with exploring the forgot password link. – Hector Nov 03 '17 at 15:10
  • @Hector the number is correct and unchanged (and the request was not expected). Good idea with the fake password, though I wonder at what point that gets you locked out of your device, if the request is legitimate. – Bob Stein Nov 03 '17 at 15:30
  • If you are capable of writing and deploying your own android service you could make a service to display the running app on screen. With debug tools you could also probably also list it out. Once you knew which application was responsible you could check for it being signed by google. – Hector Nov 03 '17 at 15:41
  • I've been getting spammed with this on every google account, it's nonstop. Is there a legitimate reason for it, or can it be dismissed? – Harper - Reinstate Monica Nov 05 '17 at 17:34
  • 2
    Does the dialogue come up regularly? If so, next time it occurs, long press home just like you did and then long press the app name and then tap the button to show information on the app which caused the dialogue. – Joe Nov 05 '17 at 17:58
  • @Joe only happened once. On my phone I have to long-press the app _icon_, but that's a very helpful tip next time. – Bob Stein Nov 05 '17 at 18:11
  • I am not sure if this works on stock Android or not, but if you hold the app icon in the switch apps/cards view, you get an "i" button which brings you to the app's properties page. – billc.cn Nov 07 '17 at 20:10

1 Answers1

1

This looks legitimate, I've received it myself on all Google accounts. Unfortunately, without entering your password, you cannot really know more what this is about, than what the short notification text says, but likely Google wants you to provide or update your number for them to use it for different purposes on your account, including to recover when you forgot your password.

Depending on your Android version, the notification will show what app generated it, or you can see it by long holding the notification. If it is "Google Play Services", it's likely to be a legitimate notification generated by Google. Similarly, the activity the login screen is in would be hosted by the Google Play Services app as well.

Community
  • 1
stracktracer
  • 119
  • 2