Saturday, May 22, 2010

How to Check if Your Gmail Account Has Been Hacked

How to Check if Your Gmail Account Has Been Hacked

Thu, May 20, 2010
gmailfailwhale 
If you’re worried about email security, here is a step by step guide to help you check and determine if your Gmail account has been hacked or compromised in any way.

Step 1: Find the ‘Last Account Activity’ Section Your Inbox

 details
At the bottom of your Gmail inbox there is a ‘Last Account Activity’ section.  Click on ‘details’ to launch the full blown monitor.

Step 2: See who has accessed your Gmail account recently

ipaddress
Next, what you’ll see is a table of the most recent activity from your Gmail account.  It shows you
  • How it was accessed (Browser/mobile etc)
  • Where exactly the IP address is (So you can do some further digging)
  • When it was accessed

Step 3: Understand the IP addresses – Has your Gmail really been hacked?

domaintools
If you see IP addresses from different countries, don’t be too quick to panic.  If you use any 3rd party services which hook-up to your Gmail account, they will almost certainly show up in your activity log.  To do you own investigation, you can use DomainTools to identify the IP address. This will help you differentiate normal activity and your Gmail account being hacked.

Step 4: Understand the alerts – Google’s way of highlighting suspicious activity

alerts
Google will also do it’s fair share of monitoring, and will also alert you if it sees suspicious activity both in your inbox, as well as your recent activity log.  When this happens, and the IP addresses look suspicious, it is advisable to play it safe, assume your Gmail account has been hacked, and change your passwords immediately. 

Step 5: Sign Out All Other Sessions – If you forgot to sign out on a public computer

signout
If you are worried you did not not sign out of a public computer, you can ‘sign out all other sessions’.  This won’t fix any hacked Gmail accounts, but it will resolve any careless mistakes. This is also useful if you happen to lose your mobile phone and you want to ensure your email is not read by others.

Step 6: What to do if your Gmail account has really been hacked

The first thing you do is change both your password and security question right away.  Then make sure your new choices are very secure.  Google themselves have some really good tips .  For example in the case of security questions:
  • Choose a question only you know the answer to – make sure the question isn’t associated with your password.
  • Pick a question that can’t be answered through research (for example, avoid your mother’s maiden name, your birth date, your first or last name, your social security number, your phone number, your pet’s name, etc.).
  • Make sure your answer is memorable, but not easy to guess. Use an answer that is a complete sentence for even more security.
So there you have it.  A step-by-step guide on fully understanding Gmail’s account activity log, and how to check if your Gmail account has been hacked :)

No comments: