This is an automated archive.
The original was posted on /r/cybersecurity by /u/bananaphophesy on 2023-09-23 16:02:03+00:00.
Hi All, I’ve come across a scenario where a spurious email address is appearing in the “Continue with Google” option when attempting to login to a notes / productivity related site on the web.
Has anyone come across this before, or could speculate what is happening?
It’s odd because the address doesn’t appear as a recovery address on the Google account or under the settings for the notes site. Basically it’s nowhere to be found in any account settings, and the PC in question has had a deep AV scan. The only thought that occurs is that it could somehow be a config change in the Google Chrome profile (malicious or otherwise).
Any thoughts appreciated.
EDIT: I forgot to say, the correct recovery email is actually obfuscated with stars, while the invalid one is unobfuscated.