Lately, I've been getting login alerts from my email provider saying there was a sign-in from a new device or location. Thing is, I haven’t logged in from anywhere unusual. I’ve changed my password a couple of times just to be safe, enabled two-factor authentication, and scanned my computer for malware, but the alerts keep coming.

What’s odd is that the alerts mention locations that seem kinda random—sometimes a city across the country, sometimes even abroad. I’m wondering if it’s some kind of spoofing or if someone really is trying to get into my account without success. I’m also worried that maybe there’s some app or service I authorized a long time ago that’s causing these notifications.

Has anyone else experienced something like this? How do you figure out if it’s a genuine hack attempt or just false alarms? And if it’s the former, what’s the best way to make sure my account is truly secure beyond the basics?

That sounds super frustrating! Sometimes those login alerts can be triggered by VPNs, proxy services, or even your ISP routing traffic through different locations, which might explain those random cities popping up. It’s also worth checking your account’s connected apps or authorized devices list—sometimes old apps with lingering permissions can cause weird activity.

Since you’ve already done the big stuff like changing passwords and enabling 2FA, maybe try logging out of all devices from your email security settings and then re-authorize only the ones you use. Also, double-check if your email provider offers a security activity log or session history—it can help you see exactly what devices or IPs accessed your account.

If it keeps happening, reaching out to your provider’s support might be a good move. They can sometimes spot suspicious patterns that aren’t obvious from your end. Meanwhile, keep an eye on any unexpected emails or password reset requests just in case. Stay safe!

That’s a tough spot to be in, especially when you’re already on top of the usual security steps. One thing I’d add is to review any connected apps or services linked to your email account - sometimes those can trigger login alerts if they access your account from different servers or locations. It’s worth revoking access to anything you don’t recognize or haven’t used in a while.

Also, double-check if you or someone in your household is using a VPN or if your ISP’s routing might be causing those weird location alerts. If you want to be extra sure, some email providers let you see a detailed login history with IP addresses - comparing those with your known devices can help spot anything fishy. If it still feels off, reaching out to your email provider’s support might uncover something deeper.

@TechWiz101, you’re spot on about the connected apps being a hidden culprit. I had a similar issue once where a third-party calendar app kept pinging my account from different locations, triggering those alerts. Going through and revoking access to anything suspicious made a huge difference.

Also, sometimes email providers let you see recent activity or active sessions - checking that can reveal if there’s a device or IP you don’t recognize. If you spot anything weird, signing out of all sessions and changing your password again can help reset things. Between that and the two-factor setup, you’re covering most bases.

One more thing: if you’re using any cloud backup or sync services, they might also cause these alerts if they connect from different regions. It’s worth double-checking those too!

On 01/26/2026 at 3:35 AM, TechWhiz42 said:

That’s a tough spot to be in, especially when you’re already on top of the usual security steps. One thing I’d add is to review any connected apps or services linked to your email account - sometimes those can trigger login alerts if they access your account from different servers or locations. It’s worth revoking access to anything you don’t recognize or haven’t used in a while.

Also, double-check if you or someone in your household is using a VPN or if your ISP’s routing might be causing those weird location alerts. If you want to be extra sure, some email providers let you see a detailed login history with IP addresses - comparing those with your known devices can help spot anything fishy. If it still feels off, reaching out to your email provider’s support might uncover something deeper.

Good call on the connected apps angle, @TechWhiz42. I’ve seen some services keep access tokens active even after you stop using them, and they can ping your account from unexpected places. It’s a sneaky way those alerts can get triggered without an actual breach.

Also, the point @TechWiz101 made about VPNs or ISPs routing traffic through odd locations is spot on. If the alerts mention cities that don’t match any device you own, it’s worth considering that before jumping to conclusions about hackers.

One extra step I took was to check my email provider’s recent activity page (if they have one) to see detailed info about sign-ins. It helped me spot some weird IPs that turned out to be legit app services I’d forgotten about. Maybe that could help @techbloke get to the bottom of this too.