Email accounts, including the very popular Gmail, are vulnerable to hacking attacks that lead to account compromise. In fact, many Gmail users keep using their accounts unaware that someone else has already tampered with or accessed them.
There are several signs that your Gmail account has been hacked or compromised. For more information, please refer to the article “How to Tell When Your Gmail Account Was Hacked or Compromised”.
If you have confirmed that your Gmail account was hacked or compromised, here are the essential steps you should take to protect it after a successful recovery.
Change Your Password, Immediately!
If you believe someone else is accessing your account from another place or device, the very first step is to change your Gmail account password. Doing so locks the possible hacker out of the Gmail system. If the hacker manages to change the password before you do, the worst happens: you, the owner, are locked out of your own account and the hacker has full control of it. To recover your account in that scenario, you can refer to this article.
For detailed steps on changing your Gmail password to protect your hacked account, please refer to this article: How to Change or Update your Gmail Password.
Also, when changing your Gmail password, keep these important reminders in mind:
- Use a STRONG password. For a password to be considered “STRONG”, it must be longer than 8 characters and must be a combination of lowercase letters, capital letters, numbers, and punctuation marks. To test the strength of your selected password, please refer to this password meter: Using a Strong Password in Your Account to Avoid Being Hacked
- Do not reuse the passwords you have for other websites. If one account is hacked, the other accounts could easily be hacked as well, since most online accounts use your email address and a password.
- Do not write your password down anywhere; you must remember it. If you write it down, you will not make the effort to remember it, because you will rely on the written copy. If you want to manage your passwords easily, you can use KeePass.
Undo the Mess that the Hackers Did
Most hackers mess up their victims’ email accounts. There are several settings in your Gmail account that a hacker can play with, causing you a lot of trouble and headaches. If you use your Gmail for business, you must check the following settings:
Remove Unwanted Filters
Hackers use filters to do a lot of harm in your Gmail account automatically. A hacker could set up a filter that collects ALL incoming emails and deletes them before they ever reach your Inbox. That is the worst scenario for a hacked account, since the victim will just wonder WHY he is no longer receiving any emails after recovering his Gmail account.
To resolve this and other filter-related problems, please do the following:
- Use your web browser and sign in to your Gmail account.
- Click on the small gear icon at the top-right corner of the Gmail page, then click on Settings.
- Click on the Filters tab at the top.
- Are there any filters there that you DID NOT create yourself? Delete them!
- After making these changes, scroll down to the very bottom and click on the Save Changes button.
Fix the Reply-To Address
Another problem that the hacker could have planted in your Gmail account is a changed Reply-To address. By default, Gmail has a blank “Reply-To” address. This means that when you send an email to someone and the receiver hits the Reply button, your original Gmail address is used as the reply-to address.
Naughty hackers change the Reply-To address of a Gmail account so that the owner wonders why he is NOT GETTING any replies to his emails. Imagine that you send an email to your friends: when they hit the Reply button, they do not check the Reply-To address, because they expect a REPLY to go back to you. If the hacker entered his own email address in the Reply-To field, the hacker gets all the replies from your friends, NOT you. Frustrating, isn’t it?
To fix this, please follow these steps:
- Use your web browser and then sign in to your Gmail account.
- Click on the small gear icon at the top-right corner of the Gmail page, then click on Settings.
- Click on the Accounts and Import tab.
- Look closely at the section called “Send Mail As”. It shows all your email addresses, including any POP accounts you added to your Gmail.
- Below each email address in the list, check whether something is shown as “Reply to address”.
- Check whether that Reply-To address is YOURS. If it is not, click on the “edit info” link opposite the listed email address and delete ANY email address listed there. When the Reply-To field is blank, it automatically defaults to the sending email address.
- After making these changes, scroll down to the very bottom and click on the Save Changes button.
Disable Forwarding
After recovering your Gmail account, you might not see any damaging or annoying effects from what the hacker did. However, do not be complacent. Check the forwarding settings to confirm that your Gmail account is NOT forwarding all your emails to the hacker. This is not as damaging as the problems listed above, but it is still a security breach.
To fix this problem, turn off Forwarding. Here are the steps:
- Use your web browser and then sign in to your Gmail account.
- Click on the small gear icon at the top-right corner of the Gmail page, then click on Settings.
- Click on the Forwarding and POP tab at the top.
- Select the option “Disable Forwarding”.
- Scroll down to the very bottom and click on the Save Changes button.
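The three checks above (unwanted filters, a changed Reply-To address, and forwarding) can also be run over a saved copy of the account's settings. The following Python is an added example, not part of the original article; it assumes the settings are available as a dict laid out like the Gmail API's filter, sendAs and autoForwarding resources, and the function name, sample data and addresses are constructed for illustration.

```python
# Added example: audit a Gmail settings snapshot for the three persistence
# tricks covered above. The dict is CONSTRUCTED sample data, laid out like the
# Gmail API's filter, sendAs and autoForwarding resources.

def audit_settings(owner, settings):
    """Return (area, detail) findings for settings the owner should review."""
    findings = []
    for f in settings.get("filters", []):
        action = f.get("action", {})
        added = action.get("addLabelIds", [])
        removed = action.get("removeLabelIds", [])
        if "TRASH" in added:
            findings.append(("filter", f"{f['id']} deletes matching mail"))
        elif "INBOX" in removed:
            findings.append(("filter", f"{f['id']} hides mail from the Inbox"))
        if action.get("forward"):
            findings.append(("filter", f"{f['id']} forwards to {action['forward']}"))
    known = {s["sendAsEmail"].lower() for s in settings.get("sendAs", [])}
    known.add(owner.lower())
    for s in settings.get("sendAs", []):
        reply_to = s.get("replyToAddress", "")
        # A blank Reply-To is the safe default: replies go to the sender.
        if reply_to and reply_to.lower() not in known:
            findings.append(("reply-to", f"{s['sendAsEmail']} replies go to {reply_to}"))
    fwd = settings.get("autoForwarding", {})
    if fwd.get("enabled"):
        findings.append(("forwarding", f"all mail forwarded to {fwd.get('emailAddress')}"))
    return findings

# Constructed snapshot of a tampered account (all addresses are placeholders).
SAMPLE = {
    "filters": [
        {"id": "f1", "criteria": {"from": "newsletter@example.org"},
         "action": {"addLabelIds": ["Label_7"]}},
        {"id": "f2", "criteria": {"to": "owner@example.com"},
         "action": {"addLabelIds": ["TRASH"], "removeLabelIds": ["INBOX"]}},
        {"id": "f3", "criteria": {"subject": "invoice"},
         "action": {"forward": "collector@attacker.example"}},
    ],
    "sendAs": [{"sendAsEmail": "owner@example.com", "isPrimary": True,
                "replyToAddress": "collector@attacker.example"}],
    "autoForwarding": {"enabled": True, "disposition": "leaveInInbox",
                       "emailAddress": "collector@attacker.example"},
}

if __name__ == "__main__":
    for area, detail in audit_settings("owner@example.com", SAMPLE):
        print(f"[{area}] {detail}")
```

Any finding is a prompt to open the matching Settings tab and remove the entry by hand, as in the steps above.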
Recover Deleted Emails
Once a hacker has accessed your Gmail account without your knowledge, your emails are at risk: the hacker might delete ALL of your emails and then empty your Trash to purge them and make them non-recoverable.
However, Gmail anticipates such behavior and can provide immediate help, as long as you report it to Gmail immediately as well. To recover emails that the hacker might have deleted, follow the procedure described in this article: “Are you missing some emails in your Gmail? You can recover them!”
Recover Deleted Contacts
Your emails are not the only thing at risk when your Gmail account is hacked. The hacker could easily have selected all your contacts and deleted them at once! Frustrating, right?
Gmail is aware that this can happen when a hacker takes over your account. To recover contacts that the hacker could have deleted, follow the procedure in this article: How to recover deleted contacts in Gmail