The Internet Marketing Driver: Glenn Gabe's goal is to help marketers build powerful and measurable web marketing strategies.

Wednesday, April 01, 2009

Hacked Gmail Accounts: What To Do If Your Gmail Account Is Compromised By Hackers


The morning of March 2nd started out fairly normally. I moved quickly to get ready and jumped on my computer to check email, Twitter, my feeds, etc. So I launched Outlook and happened to see an email from one of my good friends Matt Leonard (or @mjleonard if you are on Twitter). He's a great guy and a smart marketer so we're in touch often. The email was sent from Matt's gmail account and the subject line communicated the urgency of his message.

Apparently, Matt flew to Nigeria the night before to attend the Tinapa Opening Ceremony. {???} He ended up staying at a hotel, which was attacked by armed robbers. {OK...} They took all of his money and his wallet. {???} His email explained that he needed money badly, to the tune of $1500 so he could settle his hotel bill. {LOL} He seemed very scared and he emphasized that he needed the money sent as soon as possible. As you can imagine, I was genuinely concerned for Matt... {sarcasm}

Yes, Matt's gmail account had been hacked and I'm sure many people received the same email I did. Here was the original email:

---------- Forwarded message ----------
Subject: *****URGENT REPLY NEEDED *********


Hello
I am in a hurry writing this message, I had a trip to West Africa *NIGERIA* on visiting the TINAPA OPENING CEREMONY, Unfortunately for me all my money got stolen at the hotel where i lodged from the attack of some armed robbers.Right now,I'm without money and I'm even owing the hotel here, the hotel telephone service is disconnected,i have only access to emails,my mobile phone can't work here so i didn't bring it along, please can you lend me $1500 so i can return back and settle the hotel bills i would return it back to you as soon as i get home, I am so confused right now.You can have it sent through western union money transfer. My passport is with the Embassy here so i cant use my name to collect it now, But you can have it sent directly to a western union Manager here and i would get it through him as he helps the people here in the hotel to receive the money, I have already spoken to him, please let me hear from you so i can collect his full name and address where you can send the money tomorrow please,or if possible today. I am waiting for your reply.

Thank you. I look forward to your positive response.


Regards.


-----------------

OK, this was absolutely ridiculous, but being the good friend I am, I still wanted to reach out to Matt as soon as possible to let him know what was going on. I was pretty confident he didn't know yet. Now, I didn’t know if his actual account was taken over. I simply thought that someone was blasting out emails using his address as the sender. There’s a difference between the two. So, I created a new email (which was sent to his gmail account) informing him that his email address had been compromised. Unfortunately, that was the only email address I had for Matt...

It was a brief email that looked like this:

--------------------------

Hi Matt.

I just received a spam email from your gmail acct. Not sure if it's
widespread or not, but wanted to let you know.

It was one of those Nigerian schemes.

Let me know if you have any questions.

Glenn

-----------------------

It was only a few minutes when I received an email back from Matt. My guess was that he wanted to quickly thank me for notifying him of the scam. I opened the email and was shocked to see that the original email from Matt wasn't a joke! Matt was in fact in Nigeria at a hotel and needed money. {sarcasm yet again}

You see, “Matt” actually responded to my email!

Holy smokes, the scammers who hacked Matt's gmail were answering emails right from his account! I'll admit it, that creeped me out. Read their response to my email below:

---------- Forwarded message ----------
Subject: Re: Email Spam
To: Glenn Gabe

Hello,

Its not a scam mail, i am really there now. i need you to help me with $1500, i shall pay you as soon as a i return. i hope to read from you asap. below is the info where the money will be sent to....

------------------
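
The difference noted earlier between mail that merely forges someone's address as the sender and mail sent from an account that has actually been taken over shows up in the message headers. As an added example (not part of the original post), this Python sketch reads the `Authentication-Results` header recorded by the receiving mail server and reports whether SPF or DKIM passed for the domain shown in `From`. The sample messages, the domains and the function name `classify_sender` are constructed for illustration, and the exact-match domain comparison is a simplifying assumption.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def _domain(identity):
    # "user@mail.example", "@mail.example" and "mail.example" all -> "mail.example"
    return identity.rpartition("@")[2].lower()

def classify_sender(raw_message):
    """Return 'authenticated' when SPF or DKIM passed for the From domain
    (the mail really left that provider, so the account itself may be
    compromised) and 'unauthenticated' otherwise (a forged From is plausible)."""
    msg = message_from_string(raw_message)
    from_domain = _domain(parseaddr(msg.get("From", ""))[1])
    # Assumption: these headers were added by your own receiving server.
    results = " ".join(msg.get_all("Authentication-Results", []))
    checks = re.findall(r"spf=(\w+)[^;]*?smtp\.mailfrom=([^\s;]+)", results)
    checks += re.findall(r"dkim=(\w+)[^;]*?header\.[di]=([^\s;]+)", results)
    for result, identity in checks:
        # A pass only counts when it is for the domain the reader sees in From.
        if result.lower() == "pass" and from_domain and _domain(identity) == from_domain:
            return "authenticated"
    return "unauthenticated"

# Constructed sample: sent through the real provider from the real account.
TAKEOVER = (
    "Authentication-Results: mx.example.net;\n"
    " spf=pass smtp.mailfrom=friend@mail.example;\n"
    " dkim=pass header.d=mail.example\n"
    "From: Friend <friend@mail.example>\n"
    "Subject: URGENT REPLY NEEDED\n\nbody\n"
)

# Constructed sample: SPF passes, but only for the bulk sender's own domain.
FORGED = (
    "Authentication-Results: mx.example.net;\n"
    " spf=pass smtp.mailfrom=bulk@sender.invalid;\n"
    " dkim=none\n"
    "From: Friend <friend@mail.example>\n"
    "Subject: URGENT REPLY NEEDED\n\nbody\n"
)

if __name__ == "__main__":
    print(classify_sender(TAKEOVER), classify_sender(FORGED))
```

An `authenticated` result on a message the owner did not write points to a compromised account rather than a forged address, which is when the recovery steps in this post apply.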


So, I direct messaged Matt via Twitter notifying him of the hack, this time using only 140 characters or less. :) Before long, I received a DM back from Matt that he was handling the situation. He thanked me, and got back to fixing the problem. So, after Matt recovered his gmail account (and after he got pummeled by jokes on Twitter), I asked him about the steps he took to recover his gmail account.

After this happened to Matt, I asked myself if I would know what to do... I really didn't. I'm sure I would eventually figure it out, but I didn't know the exact steps. So with Matt's assistance, I decided to write this post to document the steps you should take to recover your gmail account after it has been compromised.

So in Matt’s own words, here’s how to handle the situation:

The process was pretty simple.

First, from the Gmail login page, select "I can not access my account".

Second, select the radio button "My account has been compromised". This will show a new prompt below "Please fill out our account recovery form to help us process your request as quickly as possible". Follow that link.

From the Account Recovery page, select "I believe someone has taken over my account" and fill out as much information as possible.

In my case, Google had contacted me pretty quickly via my alternate email with instructions to reset my password. {Glenn: Make sure your alternate email is active. You can check this from your Google account settings. You can also add additional email addresses just in case.}

Some other useful notes from Matt:
I'm not sure how someone hacked my gmail account. I did make a mistake by using the same password on way too many things. My main passwords are now individually unique. Passwords I set up for vendor accounts are no longer the same as I would use for other more sensitive services, like online banking.

Matt’s Tips to Protect Your Logins:
1. Avoid unsecured networks
2. Don't use the same password everywhere.
3. Don't duplicate your email password with any login elsewhere (if you do, someone can use your email to log in to your other accounts).
4. Change passwords periodically.
5. Don't share your passwords with anyone. Even if they're not going to abuse it, they may not store it properly.
6. Know where you enter passwords. 3rd party Twitter apps that require passwords are a perfect example of sites that people will enter their password without much familiarity aside from a tweet referral.

--------------------

So there you have it. If you wake up one morning and everyone is asking how and why you checked into a Nigerian Hotel, forgot your wallet, ran up a $1500 bill, and now need money, you'll know how to handle it. :) And definitely feel free to connect with Matt on Twitter. It's ok to joke around with him about the situation. He's a nice guy and has handled the jokes with grace. But don't go too far, he can bench press 375 pounds and used to be a minor league hockey player. ;-)

GG

20 Comments:

  • At 8:26 PM, Anonymous Lori Bourne said…

    This happened to me too, and the fabulous Dana Lookadoo (@lookadoo) had one more tip: go into your Gmail Settings and choose "https" as your default. I also reported the takeover and changed my password. Hasn't happened since :)

     
  • At 8:54 PM, Blogger Glenn Gabe said…

    Thanks Lori. That's a great tip and probably should have been included in my post! And I agree, Dana is fabulous. :)

    GG

     
  • At 9:00 AM, Blogger Marnie said…

    this has just happened to me, and I'm not sure how much of my personal information has been compromised. how do I check? It took 48 hours to change my password. Advice to others-be sure you have a secondary email address that you remember!
    Marnie E

     
  • At 9:35 PM, Anonymous Anonymous said…

    I was talking to my girlfriend on gmail and then all of a sudden..i was hacked and the dude was cussing at her....! almost made me and her over......but i will try all this and...hopefully it will work...

     
  • At 11:31 AM, Blogger Glenn Gabe said…

    @Marnie, I'm sorry to hear this happened to you! Regarding your personal information, if the hacker gained access to your gmail acct, then he/she had access to any information in your emails (that weren't deleted). What they actually tapped into is hard to figure out... It would be interesting to see if Google could help you out.

    Regarding having a secondary email address, that's really important and I think many people don't have that set up!

    GG

     
  • At 11:33 AM, Blogger Glenn Gabe said…

    Glad to hear you and your girlfriend made it through your gmail hacking incident! Now there's an idea for a future blog post! ;)

     
  • At 10:37 PM, Blogger DAWgs said…

    Haha, this happened to me today, only apparently I now own an electronics store lol.

     
  • At 5:27 PM, Anonymous Anonymous said…

    What do you do if the hackers change your secondary address and other information?

     
  • At 5:33 PM, Blogger Glenn Gabe said…

    Great question. Checking the account recovery page, they do have a field where you can enter an alt email address where Google can contact you. I would hope they could take control of the account, then email your alt address (the one you manually enter in the form) and get things resolved. I hope that helps.

    Account Recovery Form

     
  • At 12:32 PM, Anonymous WyteriaJacobo said…

    Thanks Glenn. This happened to me and I was feeling hopeless until I found your post on Google. I'm waiting to hear back from Google now. Lori's tip about https helps too.

     
  • At 11:27 AM, Anonymous Anonymous said…

    I was hacked yesterday.
    Went through these steps, only to have my back-up email compromised. Attempted to work with Google and they completely blew me off.

    I even went to a nearby Google office and asked for their IT security department to call me on the phone since the hackers [Nigerian] apparently went into my Google set-up to see what my back-up email addresses were.

    Bottom line: if you use a Google Email address, you are completely vulnerable.

    I have forwarded the IP address info from the hacker to UK and FBI internet crime divisions. But, I doubt I'll ever be able to recover my email accounts.

     
  • At 7:06 AM, Blogger Glenn Gabe said…

    I'm sorry to hear about your story. I fear (and know) that you're not the only one... I guess if they check your backup email address, then you might be in bad shape. Please come back to this post and update us on how this goes. I'd love to know.

    GG

     
  • At 9:32 AM, Anonymous Anonymous said…

    I got hacked this morning....and he hacked my Facebook as well..but I got that back, but how long does the account recovery take? I know they say 24 hours and I put my .edu email in the field for them to reply but I have professors who are thinking I'm stuck in Nigeria

     
  • At 5:12 PM, Anonymous patty Adams said…

    what is the security significance of "https"? I don't get that (and I, too, was hacked today.)

     
  • At 5:18 PM, Blogger Glenn Gabe said…

    I'm sorry to hear about that Patty. And this post is becoming one of the most popular on my blog (unfortunately). https protects your information from being picked up by third parties (like if you were accessing a public wifi hotspot). However, if someone found your password another way, then you're right, it doesn't protect you.

    Have you recovered your account?

    GG

     
  • At 4:17 AM, Anonymous Anonymous said…

    Today my gmail account is hacked. He changed my secondary mail id and security question.
    Google is not helping me in this regard.

    What I need to do to secure my personal info.

    Any help is appreciated...

     
  • At 3:31 PM, Blogger Glenn Gabe said…

    I'm sorry to hear about that. Did you use the Account Recovery Form listed above? That's the first place I would start. I hope that helps.

    GG

     
  • At 3:23 PM, Blogger Rebecca said…

    I too was hacked and they changed my password and secondary email address. Google is being entirely unhelpful, I filled out the account recovery form numerous times and every time it came back saying they could not validate the account as mine. I also emailed them via the security@google.com with no response. Calling their number only tells you that they have no customer service. Ten years of personal info and no ideas on how to recover it.

     
  • At 3:59 PM, Blogger Glenn Gabe said…

    Rebecca, I just reached out to the main Google account on Twitter to see if anyone can help. I'm sorry to hear about your situation and I will update this post if I learn more.

    GG

     
  • At 4:05 PM, OpenID thelostagency said…

    Agree that too many people use the same passwords for way too many services and often this password is not exactly hard to crack.

    I'm not sure if the response times are different for paid Google Apps accounts?

     
  • At 5:47 PM, OpenID T. Michael said…

    Hi, I was hacked today and still haven't heard anything from Google. The hacker has changed my password, SMS password recovery number, and the secondary e-mail address...I have filled out several account recovery forms, and have heard nothing from Google. I tried calling Google, and felt really bad for the girl who answered and had to tell me that there was no hope in speaking to anyone. I was furious, but anger has turned to frustration, but I'm not giving up. If anyone has any ideas please let me know. tmichaelfischer1@gmail.com is my secondary (and working) e-mail if you find anything.

  • At 5:47 PM, OpenID Linda said…

    My email was hacked, but the mugging supposedly took place in London! I could not reset my password, message said the URL was no longer valid so I assume they changed that too. I sent in the account recovery form with no word from google in 4 days. It should be easy for them to confirm my identity because I have an AdWords acct linked to the hacked address, with associated address, phone and credit card. AdWords is working fine. Backup gmail acct is fine. But I can't get in touch with a person at Google to straighten this out. Any ideas? Thanks.

  • At 2:00, Blogger Glenn Gabe said…

    I'm sorry to hear about that Linda, although I'm not surprised! Did you gain access to the gmail account again? Also, would the hackers be able to access your AdWords account via the hacked gmail account?

    If the problem also ties with AdWords, you might want to call your rep (or the AdWords support number). They might be able to help you out.

    GG

     
