Programs come along once in a while that have an outsized impact on how we do things. Consider Gmail: there were already browser-based email providers like Hotmail and Yahoo! when it first soft-launched in 2004, but it made two revolutionary changes. First, it drew on Google’s search prowess so you could always find “that one email,” however crowded your inbox got. Second, it gave each user a whole gigabyte of email storage, so you could keep lots of emails.
That sounds laughable now, but at the time, 2 MB of storage was the standard (yeah, megabytes!), and Gmail multiplied it by 500, in a staggering bit of one-upmanship. Gmail proved to be such a hit that the company eventually made it the hub for all Google services (your Google Account, in other words), and today — for billions of us — it’s central to online life. That’s why it’s such a big deal if your Gmail is hacked.
How Gmail Became the Center of Your Online World
Like a lot of Google’s successes, Gmail started as the passion project of one engineer, who was tired of never being able to find anything in his inbox. Well, when you happen to work for the world’s leading search company, that’s not a hard problem to solve. As it happens, a lot of us had shared the same frustration, and in the nearly 20 years since then, the number of emails we handle in a day has only continued to grow.
That success made Gmail one of Google’s most-loved and most-used products, alongside its search engine and the Android mobile OS. So, as Google built out its portfolio with new in-house products (like its Workspace suite) and key acquisitions (like YouTube), it made sense to position Gmail as the key to your Google Account, and therefore to your use of all of Google’s services.
That’s why so many of us have a Gmail account, even if we use Outlook at work or Apple Mail across Macs, iPhones, and iPads. And, of course, it’s also the reason why a Gmail hack is so alarming. A stalker, hacker, or scammer gaining access to your Gmail account can potentially cause a lot of mischief, so — if it happens — you’ll want to recognize it, and recover control as quickly as possible.
Is Your Gmail Hacked? How to Know
There are a number of ways to know whether your Gmail account has been hacked, some subtle and some glaringly obvious. A few of the more important ones include:
Getting Locked Out of Your Account
If you find that you’re signed out of your Gmail and other Google services, and it tells you your password is incorrect when you try to log in, that falls into the “glaringly obvious” category. Skip this whole section, and scroll down to the good stuff about getting your account back.
Getting Password/Username Reset Messages
Some hackers will opt to stay under the radar and use your Gmail to log into your other accounts or to set up new ones. So you may see a rash of messages from various apps and platforms telling you that you’ve requested to change your password or username. That’s a big red flag as well.
New Sign-Ins on Your Account
Google also sends notifications about new sign-ins on your account. Those are normal when you start using a new device, but otherwise they’re a sign of trouble.
Your Contacts Get Emails You Didn’t Send
Your friends, family, and coworkers may suddenly report getting weird or uncharacteristic emails from you. (“You’ve always bashed crypto, why did you send me that link to a sketchy cryptocurrency site?”) Using your email to scam your contacts is a common ploy for criminals, so this is also a big red flag.
Subtler Signs to Look For
Once you’ve become suspicious, you can screen your inbox and other folders for subtler signs of mischief. This might include finding emails marked as read that you haven’t seen, messages in your Sent or Drafts folders you didn’t write, emails archived or in your Trash that you hadn’t seen, and possibly even a random Chat or two that aren’t yours.
Verify Through a Third Party
Another option — once you suspect you have a problem — is to look for confirmation from a third party. For example, you can enter your email at a website called Have I Been Pwned?, which will tell you if your email address has been exposed in a data breach (you can do the same for your passwords, on a different tab). Spokeo Protect, our identity theft protection service, doesn’t monitor your email security specifically, but we’ll alert you if your monitored information shows up in the online black markets. If you get an alert around the same time you start noticing weirdness in your inbox, you can safely conclude that you’ve been hacked.
Steps to Take When Your Gmail is Hacked
Once you’re confident that you’ve been hacked, there are several steps you should take to reclaim your Google Account and put things back to rights.
- Log in to your Google account, if you still can (if not, look below, and then come back to this step).
- Change your password before you do anything else! Pick a strong password, and if your memory needs help, use a password manager to start keeping track of them.
- From the menu panel on the left of the screen, choose “Security” and then look at the list under “Recent Security Activity.” If any of those activities weren’t you, you’ve now got the smoking gun you were looking for.
- Now scroll down to the next list, “Your Devices.” Tap or click “Manage all devices” to see everything that’s logged in under your account. It’ll give you a list of devices (“Windows computer,” “Galaxy S21,” for example) and often a location. If the location or the device isn’t yours, that’s your culprit. You can choose that device and flag it by tapping “Don’t Recognize Something?” and following the instructions you see, or simply log that device out of your account. In fact, it’s a pretty good idea to log them all out, just in case. It only takes a moment for you to log back in.
- Run your antivirus or antimalware app, if you have one installed. Sometimes hackers use malware to steal your login credentials, and the various recovery steps won’t do you much good if they can simply hijack you all over again.
If you can’t log in to your Google Account, go to Google’s “Account Recovery” page, and work your way through the questions they put forward to verify your identity. It’s a lot faster and easier if you’ve set up a recovery email address or phone number, so Google can simply send you a one-time login.
Cleaning up After a Gmail Hack
Now that you’ve regained control of your account, you’ll have some cleaning up to do.
You can start in Gmail, looking for traces of the hacker’s activity in your account. It’s worth taking a look at your archived emails and Trash, to see if there are things the hacker has hidden away. Next, go into Settings and check under Forwarding to make sure they aren’t still getting your emails, and under Filters and Blocked Addresses to make sure they haven’t been up to mischief that affects what you see. Finally, if you haven’t done so already, scour your Sent box for any messages the hacker sent out, and your Inbox (and any other folders) for emails that seem to come in response to something the hacker sent.
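Rogue filters are the usual mechanism behind the subtler signs above (mail marked read, archived, or trashed that you never saw), and Gmail lets you export all your filters to a file from Settings > Filters and Blocked Addresses. The script below is an added example, not code from the original post or from Spokeo: it parses that export (an Atom feed whose filter entries carry apps:property elements; the property names forwardTo, shouldTrash, shouldArchive, shouldMarkAsRead, from and hasTheWord are assumed from memory of that format and may need adjusting) and flags any filter that hides mail from you, forwards it to an address you didn’t set up, or targets password-reset and verification messages. The embedded sample export is constructed for the example.

```python
"""Audit an exported Gmail filter file for rules an intruder typically plants."""
import xml.etree.ElementTree as ET

ATOM = "http://www.w3.org/2005/Atom"
APPS = "http://schemas.google.com/apps/2006"

# Filter actions that either hide mail from you or leak it elsewhere.
# Property names are assumed from Gmail's filter export format.
SUSPICIOUS_ACTIONS = {
    "forwardTo": "forwards matching mail to another address",
    "shouldTrash": "sends matching mail straight to Trash",
    "shouldArchive": "archives matching mail so it skips the Inbox",
    "shouldMarkAsRead": "marks matching mail as read",
}

# Wording that account-takeover filters commonly key on.
SECURITY_TERMS = ("password", "verification", "security", "sign-in")

# Constructed sample export: one benign newsletter filter and one planted rule
# that silently forwards and hides password-reset mail. The forwarding address
# is a placeholder, not a real indicator.
SAMPLE_EXPORT = """<feed xmlns='http://www.w3.org/2005/Atom'
      xmlns:apps='http://schemas.google.com/apps/2006'>
  <entry>
    <category term='filter'/>
    <title>Mail Filter</title>
    <apps:property name='from' value='newsletter@example.com'/>
    <apps:property name='label' value='Newsletters'/>
  </entry>
  <entry>
    <category term='filter'/>
    <title>Mail Filter</title>
    <apps:property name='hasTheWord' value='password reset OR verification code'/>
    <apps:property name='forwardTo' value='attacker-placeholder@example.net'/>
    <apps:property name='shouldMarkAsRead' value='true'/>
    <apps:property name='shouldTrash' value='true'/>
  </entry>
</feed>
"""


def parse_filters(xml_text):
    """Return one dict per filter entry, mapping property name -> value."""
    root = ET.fromstring(xml_text)
    filters = []
    for entry in root.findall(f"{{{ATOM}}}entry"):
        props = {}
        for prop in entry.findall(f"{{{APPS}}}property"):
            props[prop.get("name")] = prop.get("value", "")
        filters.append(props)
    return filters


def audit_filters(filters, trusted_forward=()):
    """Return [(filter_index, [reasons])] for filters that deserve a look.

    trusted_forward: forwarding addresses you set up yourself, so a
    legitimate forward to your work inbox is not reported.
    """
    findings = []
    for i, props in enumerate(filters):
        reasons = []
        for name, why in SUSPICIOUS_ACTIONS.items():
            value = props.get(name)
            if value is None:
                continue
            if name == "forwardTo":
                if value not in trusted_forward:
                    reasons.append(f"{why}: {value}")
            elif value.lower() == "true":
                reasons.append(why)
        match_text = (props.get("hasTheWord", "") + " " + props.get("from", "")).lower()
        if any(term in match_text for term in SECURITY_TERMS):
            reasons.append("matches account-security mail (password resets, codes)")
        if reasons:
            findings.append((i, reasons))
    return findings


if __name__ == "__main__":
    # Replace SAMPLE_EXPORT with open("mailFilters.xml").read() for a real audit.
    for index, reasons in audit_filters(parse_filters(SAMPLE_EXPORT)):
        print(f"Filter #{index + 1} needs review:")
        for reason in reasons:
            print(f"  - {reason}")
```

Anything this reports should be deleted from the Filters page unless you created it yourself; a rule that both forwards and trashes security mail is exactly how an intruder keeps receiving your password-reset links after you think you have locked them out.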
Those may include signups in other apps and services. You’ll need to go to each one of those, report the signup as fraudulent, and follow that platform’s process for shutting down the account. It’s also a good idea to make the rounds of your existing social media accounts, looking for signs that the hacker logged in under your name: posts you didn’t make, new friends and followers, and so on. Un-friend, un-follow, and generally un-do those, wherever you see them.
Finally, search your own email address on Spokeo. The search results will show you any accounts associated with your email address, which means you’ll see any that the hacker signed up for, even if they’ve successfully covered their tracks in your Gmail. If you’re lucky, it may even find connections to the person who misappropriated your account, such as their name or phone number.
How Do Gmail Hacks Happen (and How Can I Protect Myself)?
Once the immediate panic is over, and you’ve taken all the necessary steps to undo the damage, there are two questions that will probably weigh on your mind: “how did this happen?” and “how can I make sure it never happens again?”
The first question has a number of potential answers. There’s always the possibility of a direct hack of Gmail itself, though that’s beyond the skill set of most hackers (the only known for-sure example was a Chinese hack back in ’09). Your credentials may also have been stolen by a keylogger or other malware, or through a phishing attack. If you have the bad habit of reusing your passwords from site to site, your email address and password may have been leaked in separate non-Gmail breaches and then linked together by identity thieves. Finally, though we don’t like to consider the possibility, the identity thief might be someone close to you: a friend, a family member, perhaps even your spouse (who has a better opportunity?).
However hacks occur, you can armor your account against them by tweaking your Security settings and your online habits. A few important steps include:
- Not using, or giving, your main Gmail address where it isn’t necessary. Gmail accounts are free, so set up a second one to use when you sign up for non-essential apps or those “create a free account to read this content” sites. That way, if it’s compromised, it doesn’t affect your core accounts. Alternatively, you can use disposable emails for that purpose. Either way, it’ll also cut down spam in your main inbox, which is a nice bonus.
- Staying educated on the various phishing scams (reading this blog helps!) and above all, not clicking on random links in emails or texts. Scammers are also using QR codes for phishing now, which is a relatively recent wrinkle to be aware of.
- Setting up two-factor authentication (2FA) for your Google account. It just means you (or a potential scammer) will need something besides the password in order to log in and make changes to the account. It could be a code sent to your phone number or email, a code from an authentication app (better), or biometric authentication through the fingerprint reader or face recognition on your device (really good).
- Better yet, set up your account to use the new “passkey” technology, which will eventually replace passwords altogether (Google’s a big booster). The TL;DR version is that a device you choose (like your phone) becomes the key that unlocks your accounts, and then you in turn secure the device itself with something like your fingerprint.
Having Your Gmail Hacked Isn’t Fun, but It’s Manageable
Having any account hacked or otherwise compromised is no fun, whether it’s an account in a popular online game or one of your social media accounts. That being said, some hacks are more troublesome than others, and having someone gain access to your Gmail (and through it, your Google Account) is right up there with having your phone hacked.
On the positive side, Google’s account-restoration process is pretty robust, and they offer a top-tier set of account protections, from conventional 2FA to state-of-the-art passkeys. Between the proactive protections Google provides and the steps we’ve outlined here, reclaiming your Gmail from hackers — while still stressful — is a relatively straightforward exercise.