What to do when your Gmail is hacked

Gmail by Google is the world’s largest email service provider, with over 1.5 billion global users. If you’re reading this, there’s a good chance you use Gmail as your main email service.

This massive scale makes Gmail a target for spammers, spear phishing attacks, and bad actors who want to hack their way into your accounts.

At Cyrus, we take email security extremely seriously. We’ve helped thousands of people recover their Facebook and Instagram accounts, and we can help you keep your Gmail accounts secure using our advanced security platforms. 

Here’s what to do if you think your Gmail has been hacked, and how to fix it.

How to know if your Gmail has been hacked

There are several red flags to look out for if you think your Gmail has been hacked.

Investigate suspicious activity on your Google account

Be on the lookout for unusual activity in your Gmail. If you’re receiving strange alerts of password attempts, or notifications from Google asking if you’re based in a location you may not be, Google may be notifying you of hacking attempts on your Gmail account.

Google will alert you if there are changes to these settings.

• The name on your Gmail account
• Your recovery email
• Your recovery phone number
• Alternate or contact email addresses
• Your security question
• 2-Factor authentication
• Location sharing

If any of these settings were changed without your knowledge, change your Google password immediately.

Watch out for phishing emails

The most common email hacking scam is a phishing attack. Phishing is when scammers create an email that looks like it’s from a reputable source, but instead diverts clicks and activity back to hackers who can exploit whatever information you give them.

Spear phishing is when the attack is highly customized for the person being targeted. These types of phishing emails can often be so difficult to identify that they’ve even fooled high-profile people such as athletes and celebrities, along with some of the biggest companies in the world.

Here are some ways to identify phishing attacks

• The sender’s email address doesn’t match the correct company domain
• Email text includes typos or poor grammar
• Link addresses go to fake websites (don’t click them!)
• Email contains a risky attachment with file types like .exe, .scr., and .zip

Look for records of others logging into your Google account

Gmail keeps detailed logs of every device currently logged into your account. Pay close attention to the indicator in the bottom right corner of your Gmail window on the web to see exactly how many current devices are logged into your Gmail. If it’s one, that’s you. If it’s two, it might be your phone. If it’s three or more, you might have an intruder.

Check your Google Device Activity dashboard to see which devices are logged into your Google account. If there are any you don’t recognize, sign out of them immediately, and then change your password.

Your security settings have been changed

One of the first things a hacker might do is change your security settings. If your security settings are changed, it may be easier for you to get locked out of your account with little to no way to get back in. 

If you see an alert from Google indicating your security settings have changed without your knowledge, change your password immediately.

You see emails in your outbox that you haven’t sent

One of a hacker’s favorite things to do with a hacked gmail account is send emails to spam others. With your personal account, they can adopt your identity and attempt to trick people into thinking you’re the one sending the email, leveraging your trusted account to scam others.

Get into the habit of routinely checking your inbox and your outbox to ensure the emails sent from your account actually came from you.

Hacked Gmail account recovery methods

If you think your Gmail has been hacked and you can still sign in, there are steps you can take.

Step 1: Go to your Google Account dashboard.

Step 2: In the navigation panel on the left, select Security.

Step 3: In the ‘Recent security activity’ panel, select Review security activity.

Step 4: Look for any suspicious activity. If you see anything questionable, click into it, and follow the prompt to secure your Google account.

Step 5: Change your password and enable 2-Factor Authentication following the prevention & protection methods outlined below.

If you can’t sign into your Gmail: go to Google’s Account Recovery support page, and follow the steps outlined there.

Prevention & protection methods

The best protection comes from the security you set up before an attack. Here are the most important things you should do today to keep your Gmail protected from hackers.

Create Strong and Unique Passwords

If you’re using the same password for many different accounts, you may be at risk for hacking attempts. Use a password manager like 1Password or Bitwarden to create and manage strong, unique passwords for every account you use. 

Use Exposure Report by Cyrus to scan the web to see if any of your previous passwords have been leaked by hackers, and change them immediately.

Enable 2-Factor Authentication (2FA)

2-Step, or 2-Factor Authentication adds an extra security layer between your account and anyone trying to log in. We highly recommend you enable 2FA for your most sensitive accounts such as your Gmail, financial, and healthcare accounts.

Go into your Google security settings, and under “Signing into Google”, select 2-Step Verification. Follow the on-screen steps to set up an authentication method, either SMS verification (less secure), or an Authenticator app (more secure) like Google Authenticator or Authy.

Remove Outdated Google Permissions

Get into a regular practice of checking your Google permissions. To manage the third-party apps & services with access to your account, visit your Google Permissions Dashboard and remove outdated or unknown apps with access to your Google account.

Enhance your personal security

With Cyrus you get:

• 3 bureaus credit monitoring and scores
• 24/7 Response Center
• Identity theft insurance up to $1M
• Online account threat protection

Download Cyrus

Stay Safe Online with Cyrus

One of the best ways to stay safe online is to use a dedicated account protection service like Cyrus. 

As soon as you download Cyrus, you immediately have access to our in-house cybersecurity experts who will make sure your Gmail and other accounts are fully secure. Cyrus monitors your account and notifies you whenever there’s an attempt to access your Google account, or if new updates become available to help make you even safer. 

We’ve helped thousands of people recover their accounts after being hacked, and we use our expertise to stay on the cutting edge of security to ensure you always have peace of mind online.
Learn more about Cyrus security, online account protection, and 24/7 credit monitoring features to keep you safe and secure across the entire internet.