If you’re anything like me then there are two technologies that you can’t live without – emails and your smartphone. Consequently, one of the first things I do in the morning, before I’m even fully awake, is to check my emails.
And let me tell you that nothing wakes you up faster then an email from Google telling you that your account has been hacked.
This happened to me this morning.
To be precise Google sent me an email telling me that someone tried to access an old Gmail account that I hadn’t used in a few months (but on which I still had private data). This was terrifying stuff but, reassuringly, Google stopped the hack before any personal data was taken.
So in case you’re wondering, this is what happens if someone tries to hack your Gmail account. And here’s what you should do before this becomes an issue.
The first thing to do is remain calm, the second is to follow the instructions in Google’s email; which’ll look something like this;
Someone recently tried to use an application to sign in to your Google Account – ***@gmail.com. We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt:
Monday, February 11, 2013 2:02:45 AM UTC
IP Address: 2**.***.***.* (***.***.)
Location: *********, MN, USA
If you do not recognize this sign-in attempt, someone else might be trying to access your account. You should sign in to your account and reset your password immediately. Find out how athttp://support.google.com/accounts?p=reset_pw
If this was you, and you want to give this application access to your account, complete the troubleshooting steps listed at http://support.google.com/mail?p=client_login
Google not only tells you where the attempted hack was coming from but the exact time that it took place. It’s also worth noting that Google sent me this email at 2:02:55 am – just ten seconds after the person tried to get into my account.
After verifying that this email itself wasn’t a phishing scam I tried to log into the account myself (which wasn’t easy, since I couldn’t even remember my own password). After logging in, Google again told me that the account had been victim to an unauthorized access attempt and took me to the password reset screen.
At this point Google also asked me to verify a cell phone number with my account – this might appear to be an odd thing to do but there’s sound logic to it. If Google detects any attempted unauthorized access to your account it will send a verification code by SMS to your phone. It will also use this number to alert you by SMS if it has detected unusual activity on your account (such as a change in password).
After that Google then takes you to your account’s security center, where you can add more layers of security to your account.
One of the most important things to do here is to set up two-step verification, which means that any time you log into your account Google will send you an SMS with a unique pin which you will then need to enter to access your account. It can be annoying, but it’s absolutely necessary.
On this page also make sure that you have told Google that you want to be notified by email and phone when any changes are made to your account. This will send you an email, like the one above, with information about changes that (hopefully) you have made to your account’s security settings (You can do the same on Facebook here).
Finally, click on the “Manage Applications” button on the bottom of the screen. Here you can see a list of devices or web services that have access to your account. In most cases these will be things like your Google Calendar, Android, or Google Drive accounts but if there’s anything usual there be sure to revoke access.
Hopefully if you’re ever hacked or someone tried to gain access to your account Google will arrest the attempt before any data is compromised, as it did in my case. But before anything like that happens make sure that you do Google and yourself a favor by activating some of Google’s added security measures.