Guest blog article by Steve Loosley, Tech Blogger
Is your Gmail secure? Can you tell if someone hacks your account?
In this short series of posts, I want to help you make sure that your Google Account is secure. I want to show you how to know if someone hacks your account.
In this post, we’ll focus on Gmail and in the next, your Google Account settings. First, I want to show you how you can tell if someone else is checking your email.
Gmail Account Activity
Gmail records how, where, and when your mail is checked. To check your Last account activity, look for the following at the bottom of your Gmail screen and click on Details
A new window will open, like the screenshot below, displaying the Access Type, Location (IP address), and Date/Time. Scan the rows. Does anything look suspicious — unauthorized concurrent sessions, unexplainable locations or times, or unknown devices?
For example, if you normally access your email from California, but the Location field shows that your account was accessed from another state or country, this is a red flag that someone else has access to your account.
Make sure that the Alert preference is set to Show an alert for unusual activity.
Gmail Settings
Next, let’s verify your Gmail settings. Click on the cog in the upper right corner of your Gmail screen and select Mail settings from the drop-down menu, like this screenshot.
In the General tab, make sure that the Browser connection is set to Always use https. This setting protects your information from being stolen when you're signing in to Gmail on a public wireless network, like at a coffee shop or hotel. Here's a screenshot.
Next, let’s examine the key settings to make sure that no one has hacked your account and hijacked your mail. Again, on the Mail settings page, click on
- General: check your Signature, and Vacation responder.
- Accounts and Import: verify your settings under Send mail as, which includes checking your reply-to address, Check mail using POP3, and Grant access to your account.
- Filters: Check that no filters are sending your mail to Trash, Spam, or forwarding to an unknown account.
- Forwarding and POP/IMAP: Make sure that your mail isn't sent to an unknown account or mail client, like happened in this summer’s Chinese Gmail scandal.
Finally, be aware of phishing scams (read about phishing in Wikipedia) that redirect you to websites that look like Gmail log-in pages, but are really rogue sites to trick you in to entering your Gmail address and password. For example, this graphic shows what the fake site looked like that tricked many users this summer.
Here are a few things to remember to avoid phishing scams.
- The URL for Gmail should be https://mail.google.com/... Check the top of your web browser, and if it’s anything else, use extreme caution.
- Avoid clicking on a URL that is disguised in an email. Hackers disguise dubious websites by not showing the URL. So, don’t click on this, but do click on this - http://www.example.com.
- Never send sensitive information by email. To be safe, assume that your email may be snooped.
To sum-up, if you keep close watch on your Account Activity and occasionally check your key settings, you’ll be well on your way to securing your Gmail.
In the comments below, let me know what works for you. How do you keep your Gmail secure?
Additional Resources
Gmail Security Checklist - Google Help Document
Managing and Organizing Your E-mail Inbox--Using Google Apps - People-OnTheGo webinar
Inbox Freedom - People-OnTheGo webinar
