Accounts.google.com is the URL for created a Google account. The Google account means you can browse with the google.com search engine without being tracked by any tracking cookies and websites that may have otherwise given up some information such as your general computer dimensions, general location of the nearest mobile tower, et cetera.

Once you have created a Google account, you can sign in and persoanlize settings and manage your information and privacy to “make Google work better for you” according to Google. A Google account also allows you to sync browsers between devices which is a modern feature many Googlers appreciate.

Is accounts.google.com Safe?

I analyzed accounts.google.com for malware and malicious content to check if it was legit or a scam. Here are the results:

I checked the site accounts.google.com on Sucuri, and it returned with no major issues. Results: Sucuri scan for the site accounts.google.com.

Accounts.Google.com Sucuri results

Sucuri says there was a 404 Not Found site issue for the following URL:

https://accounts.google.com/signin/usernamerecovery?continue=https://accounts.google.com/&ifkv=AWnogHcP-1ilUR1iTryMay6-cqaKnstOmrWSG3PKhYVh_gPY4_69jw3dM1QnofGaorhViA73Mj3C&hl=en

Security hardening flaws:

  • Missing security header for ClickJacking Protection. Affected pages:
    https://accounts.google.com/404testpage4525d2fdc
    https://accounts.google.com/signin/v2/’ _.C(_.Uv(h).replace(/;/g,
    https://policies.google.com/privacy?gl=US&hl=en
    https://policies.google.com/terms?gl=US&hl=en
  • Missing Strict-Transport-Security security header. Affected pages:
    https://accounts.google.com/404javascript.js
    https://accounts.google.com/404testpage4525d2fdc
    https://accounts.google.com/signin/v2/’ _.C(_.Uv(h).replace(/;/g,
    https://policies.google.com/privacy?gl=US&hl=en
  • Missing Content-Security-Policy directive. Affected pages:
    https://accounts.google.com/404testpage4525d2fdc
    https://accounts.google.com/signin/v2/’ _.C(_.Uv(h).replace(/;/g,
    https://accounts.google.com/signup/v2/nojs?continue=https://accounts.google.com/
    https://policies.google.com/privacy?gl=US&hl=en

I then ran a parasite scan with Unmask Parasites on accounts.google.com, and it is suspicious. Results: Unmask Parasites scan for the site accounts.google.com.

Unmask Parasites cites 3 suspicious inline scripts found:

//# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjogMywic291cmNlcyI6WyIiXSwic291cmNlc0NvbnRlb...

window.wiz_progress&&window.wiz_progress();window.wiz_tick&&window.wiz_tick('ZdRp7e');

(function(){/*
Copyright The Closure Library Authors.
SPDX-License-Identifier: Apache-2.0
*/
'use strict';var a=function(...

I also checked accounts.google.com on VirusTotal and 1 security vendor (CMC Threat Intelligence) flagged it as malicious. Results: VirusTotal scan for the site accounts.google.com.

Accounts.Google.com VirusTotal results

In conclusion, accounts.google.com is a low security risk and doesn’t have malware according to Sucuri. 1 security vendor (CMC Threat Intelligence) on VirusTotal has flagged accounts.google.com as malicious. OVERALL GRADE: Relatively Safe.

Links and Profiles

Website: myaccount.google.com

References

1. SimilarWeb – accounts.google.com

2. Wayback Machine – accounts.google.com