Editor’s Note: I awoke to find an instant message on Facebook from my computer whiz friend Sam, saying he had been held up at gunpoint in London. Then the phone rang, and Erin was calling to ask how we could help Sam. But Sam was safe and sound. It was his computer that had been hijacked. He’s the savviest development guy I know, so I asked him to write about how he solved the problem in case it happens to you.
A rude awakening
It’s happening to more and more people every day: You wake up one morning, log in to your Gmail account, and notice that everything is different. Maybe all of your contacts are gone? Maybe all of your emails have been deleted? Maybe both? People are calling you on the phone and asking if you are OK, because they just got an email from you saying that you are in some kind of trouble, and that you need money wired to you right away. You are probably the victim of a Gmail account hijacking!
Somehow, someone has guessed or obtained your account password, and they are now using your email, Gtalk chat, Google Talk Voice, and possibly other services (like Facebook, etc.) to try to lure your friends and family into sending them money.
Hopefully, the following will help you.
I can still log in to my Gmail account: What should I do first?
The people who hack into these accounts often work in small teams. So, if possible, try to enlist the help of friends or family you can trust, preferably people who also have computers. Ask them to send out alerts on Facebook, Twitter, through email, etc., letting people know that you are not in trouble and not to send money to anyone pretending to be you. This can help minimize the possibility that someone will fall for the scam. It also lets those people help you gather clues about how extensive the problem may have been.
However, even if you cannot enlist help, you should act as fast as you can.
Depending on how early you catch them, you may be able to recover your account. Here’s the best way to do it:
If you can log in:
- Change your password immediately!
- Change the recovery address as fast as possible
- Down towards the bottom of the page, there is a small line of text that reads “Last account activity: X ago on (some IP address will show up here)”. Click the link to see more details. If you see that someone else, from somewhere else, is logged in to your account, click the link to log them out now! Copy down the IP address of the intruder for reporting to the appropriate authorities.
(Reference image: http://sophosnews.files.wordpress.com/2011/06/gmail-4.jpg?w=640 )
If you followed those 3 steps above, you should have successfully barred this intruder from your Gmail account. They will have no immediate way to log back in. Gmail also offers the following set of instructions for re-securing your account and keeping it more secure; take these steps right away:
http://mail.google.com/support/bin/static.py?hl=en&page=checklist.cs&tab=29488
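The third step above (read the “Last account activity” details, decide which sessions are not yours, log them out, and copy down the intruder’s IP) is easy to get wrong under stress. The following is an added example, not code from the original post: it takes a constructed copy of the activity details table (the real page’s exact column layout is an assumption here; the sample rows use documentation-only addresses), separates your own sessions from foreign ones, flags foreign sessions that are still active and must be signed out now, and lists the distinct intruder IPs to record for the report.

```python
"""Triage a Gmail 'Last account activity' details table (constructed sample)."""
from dataclasses import dataclass
from datetime import datetime, timedelta
import ipaddress

@dataclass
class Session:
    access_type: str   # e.g. Browser, Mobile, IMAP
    ip: str
    when: datetime

# Constructed sample in the shape of the details table: access type, IP, timestamp.
# 203.0.113.0/24 plays the part of the account owner's home network.
SAMPLE_ACTIVITY = """\
Browser,203.0.113.7,2011-06-14 08:02
Mobile,203.0.113.7,2011-06-14 07:40
Browser,198.51.100.23,2011-06-14 07:55
IMAP,198.51.100.23,2011-06-14 03:10
Browser,192.0.2.44,2011-06-12 21:30
"""

def parse_activity(text):
    sessions = []
    for line in text.strip().splitlines():
        access, ip, stamp = (field.strip() for field in line.split(","))
        ipaddress.ip_address(ip)  # raises on a malformed address before we act on it
        sessions.append(Session(access, ip, datetime.strptime(stamp, "%Y-%m-%d %H:%M")))
    return sessions

def triage(sessions, my_networks, now, active_window=timedelta(minutes=30)):
    """Split sessions into mine / active intruder (sign out now) / historical intruder."""
    nets = [ipaddress.ip_network(n) for n in my_networks]
    report = {"mine": [], "active": [], "historical": []}
    for s in sorted(sessions, key=lambda s: s.when, reverse=True):
        if any(ipaddress.ip_address(s.ip) in net for net in nets):
            report["mine"].append(s)
        elif now - s.when <= active_window:
            report["active"].append(s)
        else:
            report["historical"].append(s)
    return report

def intruder_ips(report):
    """Distinct foreign IPs, most recent first, to copy down for the authorities."""
    return list(dict.fromkeys(s.ip for s in report["active"] + report["historical"]))

def demo(now=datetime(2011, 6, 14, 8, 5)):
    """Run the constructed sample; returns (active foreign timestamps, intruder IPs)."""
    report = triage(parse_activity(SAMPLE_ACTIVITY), ["203.0.113.0/24"], now)
    return [s.when.isoformat(" ") for s in report["active"]], intruder_ips(report)
```

Here the 07:55 browser session from 198.51.100.23 is still inside the 30‑minute window, so it is the one to sign out immediately, while both foreign addresses go into the report.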
I cannot log in to my Gmail account at all! What should I do?
Again, as above, the people who hack into these accounts often work in small teams. So, if possible, try to enlist the help of friends or family you can trust, preferably people who also have computers. Ask them to send out alerts on Facebook, Twitter, through email, etc., letting people know that you are not in trouble and not to send money to anyone pretending to be you. This can help minimize the possibility that someone will fall for the scam. It also lets those people help you gather clues about how extensive the problem may have been.
However, even if you cannot enlist help, you should act as fast as you can.
If enough time has elapsed, you may not be able to log in to your account at all. In that case, your best first step is to submit this form as soon as possible:
http://mail.google.com/support/bin/answer.py?hl=en&answer=50270
You will need to submit the form at the link above multiple times, possibly as many as 10. Make sure the information you submit is consistent, and make sure that the recovery email address you submit with the form is not also compromised (if necessary, use the address of a friend who is helping you).
Once you get a reply from Google at the recovery address you submitted in the form at http://mail.google.com/support/bin/answer.py?hl=en&answer=50270 , you can follow all of the steps at http://mail.google.com/support/bin/static.py?hl=en&page=checklist.cs&tab=29488
Make sure to also change the passwords for any social media service (Facebook, Twitter, etc.) associated with this email address, since the intruder could have used your Gmail address to reset and change those passwords as well.
Minimizing the damage
Depending on what you’ve used your Gmail account for, it may be necessary to do more than just secure the Gmail account itself. Hopefully, as discussed above, you have already gotten the message out that you are OK and that nobody should send money to the people pretending to be you.
It may also be necessary to do the following:
- Contact your bank(s) or credit union and ask them to change your account numbers and deactivate any cards you have. They should usually be able to issue you new numbers and cards the same day. Bank websites sometimes email this type of information, so this is a useful precaution to take, preferably within the same hour that you secure your Gmail account.
- If you think any of your personal information (Social Security numbers, EIN numbers, etc.) was somehow in your email, or accessible by using your email account, in the United States you can post a fraud alert with the three credit reporting agencies for free. At minimum, I recommend doing this right away. See https://www.annualcreditreport.com/cra/helpfaq#fraudalert
- You can also opt to buy a product, like http://www.transunion.com/corporate/personal/creditTools/3bcreditMonitoring.page , that gives you insurance against fraud, monitoring of all three agencies, and fraud alerts to all three for around 10.00 per month. Depending on what information was in your email, it could be worth the investment for at least 6 months or more.
Lastly, really try to thank the people who alerted you to the problem. Even though you may receive hundreds of emails, messages and calls, try to thank each person personally, which will encourage them to help you again in the future!