If your Gmail is hacked there are some important steps you should take right away:
- Turn on gmail two factor authentication This will also require you to use an application specific password with some email clients (i.e. iphone and android)
- Change your gmail password to something new (you don’t use it anywhere else) and more complex (12 characters or more)
- Check the trash and inbox in gmail to see if the bad guys are initiating password resets
- Review the access history for you google account, see if there are any odd access locations listed
- Double check that an alternate password notification has not been added to your gmail account
- Change the password on any account which uses your Gmail address as a user ID with that same password. In priority order from the most to least important website (i.e. banking)
- Turn on 2 factor authentication on any sites that permit it.
They troll for passwords then use them to access other sites. You probably have a bit of time, but not much…..
If you have not been hacked, but have a Gmail account, you should be sure to turn on two factor authentication ahead of time.