问HN:旧的 yahoo.com 邮箱上的 Google 账户被劫持到 Google Workspace。
过夜,我收到了来自 Google Payments(noreply@google.com)的数十封邮件,通知我某个支付账户的联系邮箱正在被更改,而这个账户要么是我从未创建的,要么是非常旧的。这些都是实际的 Google 通知,而不是网络钓鱼尝试。
一开始,我的旧邮箱地址(一个我使用了超过 20 年的 Yahoo 邮箱)被替换为一个 gtempaccount.com 的地址,这似乎是攻击者将账户转移到 Google Workspace 中。
他们是如何在没有我批准的情况下,对一个 yahoo.com 的邮箱地址进行更改的并不清楚,但我 99% 确定我的 Yahoo 邮箱是安全的。无论如何,我已经采取了标准的预防措施(更改密码,确认已启用的双重身份验证)。
从那时起,我收到了大量类似的通知,不同的邮箱地址在同一个账户中循环出现。
我仍然可以登录我的原始账户,但它显示为“@gtempaccount.com”的后缀,而且在账户内似乎没有什么有用的操作可以进行。
尽管进行了广泛的搜索并与 Google 的支持机器人进行了聊天,但没有明确的地方可以报告这个问题。
如果有任何建议可以报告此问题或采取其他行动,我将非常感激。
查看原文
Overnight, I received dozens of emails from Google Payments (noreply@google.com) notifying me that contact emails are being changed on a Payments profile that either I never created or is extremely old. These are actual Google notifications, not phishing attempts.<p>It started with my actual old email address (a Yahoo address I've had for 20+ years) being swapped out to a gtempaccount.com addresss, which appears to be the attacker moving the account into a Google Workspace.<p>How they did this for a yahoo.com email address without my approval is not clear, but I am 99% sure my Yahoo email is secure. I have taken the standard precautions anyway (changed password, confirmed 2FA which is already enabled)<p>Since then I've received a flood of similar notifications with different email addresses cycling through the same profile.<p>I can still log into my original account but it shows as the "@gtempaccount.com" suffix, and there doesn't seem to be anything useful I can do within the account.<p>Despite extensive searching and chatting with Google's support bots, there is no clear place to report this issue.<p>Any suggestions as to where this can actually be reported or other actions to take are very welcome.