

My Gmail Account Hacked. How do I secure it? - hhimanshu

This happened with me in first time since I am using GMail (since 2005).<p>I was in Starbucks using my laptop in the afternoon for an hour.<p>I didn&#x27;t notice anything major until I tried log into GMail and GMail notified that my account is disabled for security reasons. I ignored(stupid me!) and reset the password<p>Meanwhile few days ago GMail service disruption happened and I noticed I am received lot less emails that I used to get(may be 5-10%).<p>Then I started noticing that people complained that I am not replying to their emails, while I was not even receiving them.<p>Also, When I am sending emails, I get the message http:&#x2F;&#x2F;imgur.com&#x2F;5U1nFXM&amp;VrIjeVi&amp;WTe9BIU<p>30 minutes ago, I accidentally checked my Gmail Trash and OMG! all my email are here. What happened?<p>One of the email caught my attention saying &quot;Your Google Play Order Cancellation Receipt from Jan 21, 2014&quot;. What? This is not me for sure.<p>http:&#x2F;&#x2F;imgur.com&#x2F;5U1nFXM&amp;VrIjeVi&amp;WTe9BIU#2<p>I called Google Play Help Center and made sure that this account is cancelled. Now I am sure that my account is hacked, so I googled to know why all my emails are going to Trash and Google told me to check my filters (https:&#x2F;&#x2F;support.google.com&#x2F;mail&#x2F;answer&#x2F;63601?hl=en). Guess What?  Google was right<p>This person set up the filters to make sure I don&#x27;t know what he has ordered
http:&#x2F;&#x2F;imgur.com&#x2F;5U1nFXM&amp;VrIjeVi&amp;WTe9BIU#1<p>I am not sure who this person is except that this person was in the Starbucks since the order time is around the same time I was there.<p>I have changed my Gmail password but I would like to know what approaches&#x2F;advices&#x2F;suggestions people have to secure Gmail or any service that needs password<p>P.S I am not going to login to any website in Starbucks or public Wi-Fi.
======
GFischer
I had my GMail account hijacked once, not a nice experience.

What I did is turn on 2-factor authentication (same thing as everyone else
advocates).

I did manage to get a log of IPs of who was logging into my computer (see at
the bottom right of Gmail, Last Account Activity - Details), went to the
computer crimes division of the local police, they were very polite but
basically explained they only have resources for really big things (child
porn, serious financial problems) and since I had nothing stolen I had no
case.

------
anthony_franco
As mentioned, you should turn on Google's 2-step authentication.

Since Gmail uses SSL, I'd find it difficult for an attacker to sniff out your
password. Do you share that same password with other non-secure sites? Then if
so, be careful of using the same password.

------
renjith101
2-step verification from Google. Login by using both your password and your
phone.
[https://support.google.com/accounts/answer/180744?hl=en](https://support.google.com/accounts/answer/180744?hl=en)

------
DanInTokyo
Same as everyone, 2-step verification. You can get the authenticator app for
your phone or just get the authentication code by text message. Even if they
get your password somehow, unless they've also stolen your phone and you don't
have a lock screen the PW is borderline useless.

------
puranjay
Please, for the love of all that is good and beautiful, use the 2-step
authentication system. It exists for a reason. There's no such thing as 100%
un-hackable, but this is as close as you'll get.

~~~
theandrewbailey
If you use a service with 2 step auth, use it. Here's the most comprehensive
list (that I know of) of services that support it:
[http://evanhahn.com/tape/two-factor-auth-list/](http://evanhahn.com/tape/two-
factor-auth-list/)

