was successfully added to your cart.

Gnawing suspicion of hacked gmail ?

By | Case Study !, Hacking | 4 Comments

Couple of days ago a friend of mine called me frantically and asked me for the help. She suspected her gmail account is hacked. Apparently few of her friends called her and said they are getting strange messages from her account. I took a look at her account. It wasn’t hacked, it was just a virus that she contracted while she clicked a spam email.

However her paranoia was justified, because gmail happens to be account recovery email for many folks. It is usually tied to bank accounts, social media account and other important websites for recovery. If one gets access to the gmail they can get access to lot of other important sites.

Here are the steps I asked her to do just to be sure,

  • First login to your gmail and click the “detail” on the bottom right link. It will give you details of all active sessions and login information. For normal cases it will be from devices owned by you such as mobile, ipad and laptop.  To be sure logout of all sessions and login again for the next step.
  • Change your password, it is always good to change it often. The steps are well documented on the google forum https://productforums.google.com/forum/#!topic/gmail/JEu0Dlm0DAE. As you notice there are couple of additional unintuitive steps here.  You may be wondering why those steps are necessary. Here is a 30 thousand feet explanation.
    • Signatures can be used to track one by injecting invisible scrips (written in white color). So turn them off. Same is true for vacation responders.
    • Email forwards are a great way of reading your emails with out raising any suspicion. (It could be done by a close associate who has access to your computer and surreptitiously adds this while you take say a  bio brake).

She did this and reported feeling peaceful :-). Irrespective of your state of mind, it is always a good practice to do these steps for your important accounts.