My Gmail Account’s Been Hijacked!

I think someone has taken over my Gmail account and has changed the password. What can I do? –Lloyd

It’s possible that someone has “hijacked” your Gmail account and could end up using it for anything from a prank, sending out spam, or the worst case scenario: to steal your identity.

Identity thieves have figured out that if they can gain access to your email account, they can probably access some critical information that would allow them to start acting like they are you.

For instance, when you sign up for an online banking account, they ask you what your primary email address is in case you ever lose your password.

If an ID thief can take over your email account, they can tell your bank that they lost the username and/or password and to send the info to reset the password to your registered email address.

Once that happens, they are off and running!

Free Web mail accounts like Gmail are great resources, but many people have become too lax in how they use these wonderful tools.

For instance, if you’re at a friend’s house, at an Internet cafe or at work and use a computer to check your email, it’s possible that the browser on that computer is set to remember usernames and passwords automatically.

That means that the next person that happens to go to your email service’s login page will only need to hit the Enter key to start accessing your email account (and change your password, etc.)

You can get in the habit of clearing out the Internet History and passwords whenever you use someone else’s computer, but that won’t guarantee that your login information stays private.

There are a number of ways that someone with malicious intent can capture your keystrokes when you are using a computer that doesn’t belong to you, so be very selective where you access your email account in the future.

If you think your Gmail account has been compromised, go to mail.google.com/support and click on the “Privacy & Security” link then on the link that says: “My account has been compromised” and follow the instructions.

If you use this account for any kind of online banking, stock accounts, or anything that could jeopardize your identity, make sure you change all of your account access codes and change the security email address for those accounts to another address.

If you think that you’re exposed to identity theft as a result of this hijacking, you may also want to put a fraud alert or credit freeze on your credit file with the three major consumer credit reporting organizations: Equifax.com, Experian.com, and TransUnion.com.

A fraud alert will tell the credit bureaus to contact you if any new credit accounts are being opened, while a credit freeze tells the credit bureaus that no lender can access your account without you lifting the freeze for that lender.

A credit freeze is much more secure than a fraud alert, but there are associated costs and inconveniences, so make sure you fully understand the differences before you make a decision on either of them.

Ken Colburn
President of Data Doctors Computer Services, Host of the award-winning Computer Corner radio show, and Author of Computer Q&A in the East Valley Tribune newspapers.

Tags: fraud, gmail, gmail security, identity theft, webmail security