I recently lost my phone. It's not stolen, but I left it in the cafe. Unfortunately, my attempts to locate it are futile. The loss of the phone is unfortunate, but there's a lot more to be concerned.
If you're like me, most of your online presence revolves around your email. In my case, I'm using Gmail. I've applied it to sign-up from social media to bank accounts. Additionally, my apps also use Gmail for authentication. That means, whoever has access to my Gmail can pretty much receive a lot of personal information.
Unlike computer hacking, email infiltration is hard to detect. Hackers can get access to your Gmail account without your knowledge. Aside from your mobile phone, spams and other hacking methods can put your Gmail at risk.
So, how do you know that hackers are hacking your Gmail account? Here are a few things I did.
Signs your Gmail is Hacked
Google is continuously improving its services. That includes detecting malicious activities in your account. There are a few signs that you should look out. Make sure that you check your inbox if there's a notification of unusual logins.
Gmail will also notify you if there's an attempt to change your username and password. You may also receive a warning from Gmail like "We've detected suspicious activity on your account."
Lastly, an increased activity of spam coming from your Gmail account is a tell-tale sign. Sometimes, you'll stop receiving emails altogether. Or, you'll receive emails that you are not expecting.
After receiving any of these notifications, do the following steps to make sure that hackers do not have access to your Gmail account.
The first thing to know is who's accessing your account. Today, your computer is not the only device used to login to Gmail. Having multiple machines used every day is normal. It becomes necessary to check what devices are accessing your account.
First, log in to your Google Account. Then, access your profile by clicking on your profile photo on the upper right corner. Click My Account.
On your Account Profile page, click Sign-in & security.
On the Sign-in & security page, go to Device activity & security events tab.
In Device activity & notifications, check devices under Recently used devices.
If all look good here, click Review Devices. Under Recently used devices, make sure that all machines listed are yours. It is also important to note the location of each device.
Since I lost my phone, I will remove the permission to my account. Click on the device, then click the red Remove button.
Step 2 - Forwarded Emails
After making sure that all devices on your account are yours, check if your emails are being forwarded. This forwarding happens when hacking is almost undetectable.
Your Gmail could be sending essential messages to another account. Hackers may have access to the email account of your banking, shopping, and credit card emails. Follow the steps below.
Login to your Gmail account, Click the cog icon in the upper right corner. Then, click Settings in the drop-down.
If you are using Google Inbox, click Gmail on the left-hand menu to go back to Gmail temporarily.
In the Settings page, go to Forwarding and POP/IMAP tab. Check if there are any emails in Forwarding.
In my account, I haven't added any forwarding address. That means my Gmail account is safe so far.
Your Gmail may not be forwarding emails to another account. However, an email client may have access to your inbox. If you've used clients such as Thunderbird, Mail in Mac, or Outlook, you are familiar with POP/IMAP.
POP and IMAP are protocols that tell your Gmail account to send emails to third-party software. A hacker may set-up an email client to remotely receive your important emails. Here's how you can check:
Check the current activities on your email. Go to Gmail, then click Details at the bottom.
It will open a new window. In here check the IP address and locations your account is accessed. Access types, like POP/IMAP, will also show up here.
Disable POP/IMAP if you're not using any email clients.
Step 4 - Check Recovery Email or Phone Number
The last thing to check is your recovery email and phone. The use of your phone and email is in case you've forgotten your password. It can be changed by the hacker and gain access to your account.
Go back to your Account profile page. Scroll down and double check the information under Account recovery options.
If you suspect that someone has access to your account, change your password right away. Even before following the steps above. Go to Gmail Settings. Then, click the Accounts and Import tab. Now, click Change password.
It is highly recommended to do a complete Security Check-up. Go to your Account profile. Click Get Started under Security Check-up.
Additionally, enable 2-factor authentication. In 2-factor authentication, your Gmail will send a unique code as SMS. Your account will use the number as another layer of security to log in.
You should have a secure password. It should be composed of small and capital letters, numbers, and special characters. It is strongly suggested to change your password regularly. You can also use password managers to organize strong passwords easily.
Aside from losing your phone, hackers have different ways to infiltrate your account. Spams, advertisements, and carelessness are only some of the ideas into your Gmail account. Malware attacks are also a genuine threat. Make sure that you protect your computer using anti-malware software, like MalwareFox.
Your first protection is a little bit of common sense. Don't copy me by leaving your phone anywhere. Additionally, be careful in clicking unknown links in your Gmail. Lastly, be cautious in giving permissions to applications and websites.