locked prison door

What happens when someone tries to hack your Gmail account?

If you’re anything like me then there are two technologies that you can’t live without – emails and your smartphone.  Consequently, one of the first things I do in the morning, before I’m even fully awake, is to check my emails.

And let me tell you that nothing wakes you up faster then an email from Google telling you that your account has been hacked.

This happened to me this morning.

To be precise Google sent me an email telling me that someone tried to access an old Gmail account that I hadn’t used in a few months (but on which I still had private data).  This was terrifying stuff but, reassuringly, Google stopped the hack before any personal data was taken.

So in case you’re wondering, this is what happens if someone tries to hack your Gmail account. And here’s what you should do before this becomes an issue.

The first thing to do is remain calm, the second is to follow the instructions in Google’s email; which’ll look something like this;

Someone recently tried to use an application to sign in to your Google Account - ***@gmail.com. We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt:    Monday, February 11, 2013 2:02:45 AM UTC  IP Address: 2**.***.***.* (***.***.)  Location: *********, MN, USA    If you do not recognize this sign-in attempt, someone else might be trying to access your account. You should sign in to your account and reset your password immediately. Find out how athttp://support.google.com/accounts?p=reset_pw    If this was you, and you want to give this application access to your account, complete the troubleshooting steps listed at http://support.google.com/mail?p=client_login

Someone recently tried to use an application to sign in to your Google Account – ***@gmail.com. We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt:

Monday, February 11, 2013 2:02:45 AM UTC

IP Address: 2**.***.***.* (***.***.)

Location: *********, MN, USA

If you do not recognize this sign-in attempt, someone else might be trying to access your account. You should sign in to your account and reset your password immediately. Find out how athttp://support.google.com/accounts?p=reset_pw

If this was you, and you want to give this application access to your account, complete the troubleshooting steps listed at http://support.google.com/mail?p=client_login

Google not only tells you where the attempted hack was coming from but the exact time that it took place. It’s also worth noting that Google sent me this email at 2:02:55 am – just ten seconds after the person tried to get into my account.

After verifying that this email itself wasn’t a phishing scam I tried to log into the account myself (which wasn’t easy, since I couldn’t even remember my own password). After logging in, Google again told me that the account had been victim to an unauthorized access attempt and took me to the password reset screen.

Your account may be compromised  Based on your response, we think someone other than you has tried  to log in to your account.  Don’t worry - we’ll take you through a few steps to help you secure  your account and restore any changes that might have been made.

Gmail: Your account may be compromised

At this point Google also asked me to verify a cell phone number with my account – this might appear to be an odd thing to do but there’s sound logic to it.  If Google detects any attempted unauthorized access to your account it will send a verification code by SMS to your phone.  It will also use this number to alert you by SMS if it has detected unusual activity on your account (such as a change in password).

After that Google then takes you to your account’s security center, where you can add more layers of security to your account.

One of the most important things to do here is to set up two-step verification, which means that any time you log into your account Google will send you an SMS with a unique pin which you will then need to enter to access your account. It can be annoying, but it’s absolutely necessary.

On this page also make sure that you have told Google that you want to be notified by email and phone when any changes are made to your account.  This will send you an email, like the one above, with information about changes that (hopefully) you have made to your account’s security settings (You can do the same on Facebook here).

Gmail Security Notification types

Gmail Security Notification types

Finally, click on the “Manage Applications” button on the bottom of the screen. Here you can see a list of devices or web services that have access to your account. In most cases these will be things like your Google Calendar, Android, or Google Drive accounts but if there’s anything usual there be sure to revoke access.

Hopefully if you’re ever hacked or someone tried to gain access to your account Google will arrest the attempt before any data is compromised, as it did in my case. But before anything like that happens make sure that you do Google and yourself a favor by activating some of Google’s added security measures.

Follow this author
Subscribe to Piers on Facebook
Follow Piers on Google+
Filed under Tags: , , , , , , , , .
Discussion
22 comments
jc77199
jc77199

I got an email from Google saying the phone number on my account had been changed, but nothing further. How do I find out the exact date this happened?

Maxy147
Maxy147

So a similar thing happened to me, someone attempted to access my gmail, again from Hefei, Anhui, China, which seems to be a regular area... but the I.P. (60.168.116.119) was located at "The Peoples Government of Anhui Province"... Did a branch of the Chinese government really try access my gmail, or is whoever is hacking just using I.P.'s in/around Hefei at random? It also worries me most people here appear to have had this happen last year... why would they bother doing this? But I am very grateful to google for providing what is actually quite excellent security services. 

hannahfireblood
hannahfireblood

This person from Hefei,Anhui,China also tried to hack my gmail 2 days ago  Tuesday, August 6, 2013 3:54:04 PM UTC
IP Address: 60.166.226.189
Location: Hefei, Anhui, China  How many people did he try to hack and how come same person? :/

caine712
caine712

Please Someone hack this china guy IP "60.166.228.86"  Hefei, Anhui, China, It seems as if we all been targeted by the same person.

Peterp90
Peterp90

Got the same email from Google about my Gmail acount being hijacked but was prevented. Two minutes later, accounts was hacked successfully and a spam email was sent from my account to everyone on my contact list. I need more time than that to change my password!!  Google should lock my account for a few hours until I have time to change or review the attempted hijack!

Storme
Storme

I got the e-mail saying someone had tried to log into my account from China. My password almost 30 characters long, I've never given it to anyone and I highly doubt there's any way anyone would ever be able to guess it. Should I still change my password...?

bizdoctor
bizdoctor

"What happens when google does not tell you your gmail account has been hacked . . . ".

My gmail contact list keeps changing groups, deleted ... 

Even if I change my password (again), maybe the keystrokes I entered are "watched"... SCARY!

Any (polite) suggestions?

fnarfle2
fnarfle2

now all that was scary for me, but unlike you i brushed it off and thought it was spam. then, i got people telling me someone tried to change my password. thus began the war for my account...

really hoping they don't win, that would suck.

A Person
A Person

Just had this happen to me, reassured to know I'm not alone. Probably just a program randomly selecting emails rather than personal attacks on us from people with agendas.

DanielBarr3
DanielBarr3

@thesociable @pdscott Sound advice, had happened to me before to an email address I use daily.

JackAdamick
JackAdamick

@Storme Same mine has happened twice and the first was from Kaifeng, Henan, China and then  I got another from Hefei, Anhui, China a few weeks later.  I've reset my password and followed everything they say to do but a few hours ago got another from Hefei, Anhui, China. This is very strange as I don't keep any personal info on this account and only have it linked with multiple video games and youtube.

bizdoctor
bizdoctor

@bizdoctor 

Once again, a bunch of email addresses in the contact list were eliminated. I may move from gmail! WOW 

bizdoctor
bizdoctor

@A Person 

My contact list has been changed a few times, less likely "random"

pdscott
pdscott

@DanielBarr3 It really is scary but Google's response/notifications were very reassuring - I just wish more sites had two step logins

Storme
Storme

@JackAdamick I got another one from China recently aswell. I highly doubt there's anyway they could have gotten hold of my password, so I'm not gonna bother changing it again.

DanielBarr3
DanielBarr3

@pdscott Quick on stopping them also and with the notifications.

DanielBarr3
DanielBarr3

@pdscott Nice one, will look at that

Subscribe for daily updates
Related
Chrome app Download The Sociable's browser app from the Chrome Web Store