My Gmail account's been hijacked!

Question

I think someone has taken over my Gmail account and has changed the password. What can I do?

- Lloyd

Answer

This question was answered on April 25, 2008. Much of the information contained herein may have changed since posting.

It’s possible that someone has “hijacked” your Gmail account and could end up using it for anything from a prank, sending out spam or the worse case scenario; to steal your identity.

Identity thieves have figured out that if they can gain access to your e-mail account, they can probably access some critical information that would allow them to start acting like they are you

For instance, when you sign up for an online banking account, they ask you what your primary e-mail address is in case you ever lose your password.

If an ID thief can take over your e-mail account, they can tell your bank that they lost the username and/or password and to send the info to reset the password to your registered e-mail address.

Once that happens, they are off and running!

Free “webmail” accounts like Gmail are great resources, but many people have become too lax in how they use these wonderful tools

For instance, if you’re at a friend’s house, at an Internet café or at work and use a computer to check your e-mail, it’s possible that the browser on that computer is set to remember usernames and passwords automatically.

That means that the next person that happens to go to your e-mail service’s login page will only need to hit the Enter key to start accessing your e-mail account (and change your password, etc.)

You can get in the habit of clearing out the Internet History and passwords whenever you use someone else’s computer, but that won’t guarantee that your login information stays private.

There are a number of ways that someone with malicious intent can capture your keystrokes when you are using a computer that doesn’t belong to you, so be very selective where you access your e-mail account in the future.

If you think your Gmail account has been compromised, go to http://mail.google.com/support and click on the “Privacy & Security” link then on the link that says: “My account has been compromised” and follow the instructions.

If you use this account for any kind of online banking, stock accounts, or anything that could jeopardize your identity, make sure you change all of your account access codes and change the security e-mail address for those accounts to another address.

If you think that you’re exposed to identity theft as a result of this hijacking, you may also want to put a fraud alert or credit freeze on your credit file with the three major consumer credit reporting organizations: Equifax.com, Experian.com and TransUnion.com.

A fraud alert will tell the credit bureaus to contact you if any new credit accounts are being opened, while a credit freeze tells the credit bureaus that no lender can access your account without you lifting the freeze for that lender

A credit freeze is much more secure than a fraud alert, but there are associated costs and inconveniences, so make sure you fully understand the differences before you make a decision on either of them.

Need Help with this Issue?

We help people with technology! It's what we do.
Schedule an Appointment with a location for help!

Author

Posted by Ken of Data Doctors on April 25, 2008