[Pxtl]

> the email arrives in xxxx their mailbox but it is ignored (might even be flagged as something they don’t read anyway because, for now, it’s an unknown service)

Most services don't even offer a way to resolve this.

There is never a "this email does not belong to the person who created the account and should be detached from it" link.

[CrimsonRain]

Those who do, don't have a way to prevent it in future.

Some same guy keeps using my email address as their recovery email for Gmail every few days. And I have to detach it again and again. Amazing spam by Google. Nobody can do anything.

[hddqsb]

I'm curious, have you ever tried contacting that guy and explaining that he shouldn't use your email address?

This design seems like a surprising oversight on Google's part. The correct design is to only add the recovery account if a verification link is clicked (which is in fact what they do for enabling mail forwarding). That way you could simply create a filter to mark the requests from that guy as spam. However, being the recovery address of this guy doesn't seem like such a serious problem – it should be relatively easy to filter the emails that Gmail sends to recovery accounts (something like "from:no-reply@accounts.google.com <guy's email address>").

[yellow_lead]

I can think of a way to permanently correct that :)

[tluyben2]

We simply have both status (not verified) and a type (password) fields; so an type sso login or signup will never encounter a type password record and a not verified record will never let you get logged on. Then we purge not verified records every few days.

[Gigachad]

The cumbersome way would be to confirm the email, do a password reset and then deactivate the account.

[Pxtl]

I'm hesitant to do this because occasionally I've been blocked by some second factor for password resets, but at that point I've confirmed the email.

[ridgered4]

I would expect a phone number link request at that point for suspicious activity, which actually is suspicious this time. And that is assuming it's even possible to deactivate the account without going into a black hole phone tree which is what I expect these days. Even if you successfully deactivate it, a service you aren't using now has data on you that won't ever actually be deleted. Trying to fix it feels like it's almost playing into the scammer's hands.

[Pxtl]

They're not scammers - I've just got a firstname.lastname@gmail account which means a zillion confused people think they're me.

https://xkcd.com/1279/

[ziml77]

Yes this is so annoying! I think it also sometimes happens when email addresses are communicated through speech instead of writing.

Though I tend to just block the sender domain (because they're always from services that I'm never going to use anyway) and ignore the email just on the off-chance that someone is trying to scam me in some weird way. (Plus I really just don't care enough to deal with it unless the email is clearly important or sent by an actual person)