My Gmail Account Was Hacked – The Fix Made Simple.

I will do my best to make this simple – you’re frustrated, and need help now. I just spent 12 hours (and counting) dealing with a spam/phishing hack of my Gmail account. Brutal – and you feel quite violated in the process. Hang in there, and don’t be afraid of the internet. It happens; fix it and move ahead.

I’ll try to make the “rocket science” I found it to be as simple as possible. It may cut your time in half.

My experience: My entire Contact list (it was my business email) was informed I was stranded in Malaga, Spain without a passport. Phone calls and emails came in – it was very convincing. I could find no one to directly help me, who knew everything to do. Arg.

If anything like this happens to you, I hope this helps. Disclaimer: I’m not tech support, nor do I know much, so what is here below is drawn from other sites, and you may follow the instructions if you choose.

FIRST: Change your password on that Gmail account spamming people. Now, you’re “clear.”

SECOND: Quick change any other site you used that same password on. (NEVER use your same Gmail password for other sites.)

THIRD: Go to the bottom right hand corner of your Gmail account. See where it says “Last Account Activity – Details”? Click that, and you’ll see how long ago someone other than you was on your Gmail. I saw two states I hadn’t heard of. (Note – hackers apparently often use a “shadow” – i.e. someone with a name close to yours through whom they route their deed – don’t lose it over everyone that has your name who seems suspect!)

How did they get in? Possibly they got your password from some email you sent, text, or scam email, etc. (NEVER send a password over email or text, and NEVER respond to a Google email or other email asking for password or financial info.) See at the bottom of this post for more possible ways they got your password.

If your account has been compromised/hacked/stolen you will need to check and fix at least ALL of the following things, including the password change.

STEP 1: Be Thorough. Go to your Gmail Account, Mail Settings
Log in, and click on your mail settings in the upper right hand corner (the little gear). Do the following, according to a Google expert:

Account Security:
Settings -> Accounts and Import -> Google Account Settings -> Change Password [pick a new secure password]
Settings -> Accounts and Import -> Google Account Settings -> Change Password Recovery Options [verify secret question, SMS and secondary e-mail address]

Potential Spam:
Settings -> General -> Signature [make sure nothing as been added]
Settings -> General -> Vacation Responder [make sure it’s disabled and empty]

E-mail Theft
Settings -> Accounts and Import -> Send Mail As [make sure it is using your correct e-mail address]
Settings -> Filters [no filters that forward or delete e-mail]
Settings -> Forwarding and POP/IMAP -> Forwarding [disabled or correct address]
Settings -> Forwarding and POP/IMAP -> POP Download [disabled]
Settings -> Forwarding and POP/IMAP -> IMAP Access [disabled]

STEP 2: Review and Clean Up.

Now, after you have done all of that, you need to go to this link below, and go through each one of these tabs. It’s a burden, but you need to at least think about each thing they mention and make a choice.

Review And Clean Up
http://mail.google.com/support/bin/static.py?hl=en&page=checklist.cs&tab=29488

STEP 3: Mourn, Weep and Wail In Peops Junk Filter

Here’s the reality. Right now, it seems no one can receive an email from me. I am blocked as a sender and get this message whenever I try to send an email, I get this rejection message:

“Delivery to the following recipient failed permanently:
Technical details of permanent failure:
Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 535 535-5.7.1 Username and Password not accepted.”

Due to this, I chose to deactivate my account… forever. Before you do (see below) transfer all your old emails and contacts to a new Gmail account. The link at the bottom tells you how to do this, and from there you can also see how to do it with your contacts.

At the end of the day, the information above was all linked up through this page, the most helpful to me by far: http://www.google.fr/support/forum/p/gmail/thread?tid=560d53dee40be5e6&hl=en

Neither of us had time for this, but if you want to keep using that particular Gmail account, you have to do this.

If not, delete the account forever by clicking on your face in the upper right, and under “Services” click “Delete this account forever.”

STEP 4: Due Diligence

You have no clue how much of your info they got. You can freak out and close every account or credit card you ever had, or you can do some cleanup on other sites and do your best.

  • Think through all your financial sites – did you use this username and password?
  • Think through all your social sites (Facebook, Twitter, etc.) – did you use this username and password?
  • Think through your family sites – how secure are they? Give them all some lessons from the ashes of your pain.
  • I will alert my bank(s) about what happened, so they can watch for suspicious activity.

Let me know if this helped you. I can’t help any more, as I’m no techie, but I can post this on my blog.

Other “Most Helpful” Posts Or Numbers

Best Gmail Help Support (Volunteer) I’ve Encountered (Fyi, if you just have a free gmail account, google won’t talk to you; this guy will)

How did someone get my password?

How do I transfer all my old emails from the compromised account to a new one?

If you are concerned someone may have seen vital information, go here in the US.  Some pre-recorded info is very helpful, and you can contact the 3 major credit bureaus to put an alert on your credit world.