Gmail Account Hacked – Steps to Secure Your Account


Recently a few friends emailed me to say they received spam from my Gmail. Gmail alerted me to the fact my account was being accessed from China, and in the drafts folder I found another spam ready to be sent to my entire address book.

I'm a web developer but no expert on security. My password was 8 characters containing letters, numbers and special characters. Does this mean they found my password somewhere in plain text?

Now I'm worried they may have found, among the 10000's of emails since 2005 that are in my inbox, other passwords I use to access various servers, and other important personal data.

Password was changed immediately of course.

  • How could my account have been hacked?
  • How worried should I be?

Best Answer

You could be in one of the following situations:

  • you could have a keylogger/trojan on your computer;
  • you could have logged in from a computer that had a keylogger/trojan installed;
  • you could have been a phishing scam victim;
  • you could have used a service that required your Gmail account password (less likely) and they either stored it in plain text and got hacked or were just rogue and sold/used it.

Now, you should:

  • change all the passwords that you received on your Gmail account, for each service/server;
  • get in touch with any financial organization (e.g. banks) that might have sent you sensitive info on this email - if that's the case, follow bank account and credit card movements.

And last, you should switch to 2-step verification for your Gmail account. Details are on the Gmail blog:

Also, make sure your computer is clean - no viruses, trojans, keyloggers.
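For the step of changing every password that was ever sent to the mailbox, the following added example (not part of the original answer) scans an mbox export of your own mail and lists which messages appear to carry a credential, so you know which services to rotate. The mbox path argument, the keyword patterns, and the sample messages are assumptions constructed for illustration; the matched secret itself is never printed.

```python
import email
import mailbox
import re
import sys

# Heuristic (an assumption, tune for your own mail): a credential label
# followed by "is", ":" or "=" and then a value.
CRED_RE = re.compile(
    r"(?i)\b(password|passwd|passphrase|pwd|pin|api[ _-]?key)\b\s*(?:is\s+|[:=]\s*)\S+")

SAMPLE = [  # constructed messages, not real mail
    "From: hosting@example.com\nDate: Mon, 03 Mar 2008 10:00:00 +0000\n"
    "Subject: Your new server\n\nHost: srv1.example.com\nUser: web\n"
    "Password: CONSTRUCTED-1\n",
    "From: friend@example.org\nSubject: Lunch?\n\nAre you free on Friday?\n",
    "From: shop@example.net\nSubject: Reset link\n\n"
    "Reset your password using the link below.\n",
]

def body_text(msg):
    """Concatenate every text/* part of a message, decoded to str."""
    chunks = []
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        payload = part.get_payload(decode=True) or b""
        try:
            chunks.append(payload.decode(part.get_content_charset() or "utf-8", "replace"))
        except LookupError:  # unknown charset name in the header
            chunks.append(payload.decode("utf-8", "replace"))
    return "\n".join(chunks)

def find_credential_mail(messages):
    """Yield (date, sender, subject, label) for mail that seems to hold a secret."""
    for msg in messages:
        hit = CRED_RE.search(body_text(msg))
        if hit:
            yield tuple(str(msg.get(h, "?")) for h in ("Date", "From", "Subject")) \
                + (hit.group(1).lower(),)

def scan_sample():
    """Run the scan over the constructed sample messages."""
    return list(find_credential_mail(map(email.message_from_string, SAMPLE)))

if __name__ == "__main__":
    # With an argument: path to your own mbox export; without: the sample.
    rows = (find_credential_mail(mailbox.mbox(sys.argv[1], create=False))
            if len(sys.argv) > 1 else scan_sample())
    for row in rows:
        print(" | ".join(row))
```

Treat the output as a starting list only: the pattern is a heuristic and will miss credentials phrased differently or sent as attachments.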


It's also possible that you have the password stored in plain text and that file got somehow misplaced (trojan, file sharing error).