So, I recently went through Google’s security checkup – you know, to get my 2GB of free extra storage – and as part of this process, I decided to change my Google Account recovery email address. Of course, to be extra careful, Google will send a confirmation email to your original recovery email address, along with your regular Gmail address, just to make sure everything is OK.
So imagine my surprise when I opened my spam folder and found the message above waiting for me.
Additionally, Google flagged this message as potentially containing content that’s “typically used to steal personal information.” In other words, Google flagged this as a phishing attempt.
Granted, I’m all for phishing and spam protection, and Gmail generally has some great filters, but this seems a little excessive. Is Google really not smart enough to know not to flag its own email messages that are related to account security?