If you have a Gmail account that keeps getting hacked even after you change your password, or if you want to prevent your account from being hacked, then you must do 3 things. Read on.
A lot of people report their account being hacked, including US Government officials and members of the CIA. Just imagine: if members of the CIA security team are having their Gmail accounts hacked, what can stop you from having your Gmail account hacked?
Some nasty hackers will even delete your account or emails, including documents on your Google Drive or Google Docs. This is a scary possibility but it does happen time and again. (Read the story of Honan, who had all his iPad documents on Apple’s iCloud deleted by the hacker.)
How Your Password Can Be Stolen:
Phishing Email and websites:
This is a Gmail phishing webpage created by a hacker to steal your login details. The hacker will create a deceptive HTML email and send it to random email addresses that have been harvested from the internet. Once activated, email harvesting software collects email addresses from websites across the internet. This means that if you have a public profile showing your email address, the harvester will collect it. The hacker can also obtain email addresses from targeted people, which is quite easy.
After collecting the email addresses, the attacker will send an HTML phishing email to these email addresses. The damage is done when you open the phishing email and click on the link. Phishing emails are cleverly designed and most of the time, you will click the link without suspecting anything. When you click the link, you will be presented with a phishing login webpage that looks like a Gmail webpage or that of a common brand name that you trust, e.g. Apple, Microsoft, Hewlett Packard, Coca Cola, Visa, Barclays Bank, PayPal and many others. Without knowing it, your Gmail login details will be in the hands of a hacker after you have entered them on the webpage.
Screen Monitor: This is spyware that is installed on your computer to monitor your screen activity. It is often installed on the computer without your knowledge. Spyware can end up on your computer in many ways. For example, a hacker can install spyware on public computers in internet cafes, libraries, college campuses or Wi-Fi spots. Spyware such as a screen recorder can record your screen activity via a remote server. Whenever you are connected to the internet, the screen recorder will monitor your screen activity and your login credentials will be captured.
Key loggers: A keylogger is spyware that records your keystrokes on your computer keyboard and sends them to the hacker. Whenever you type in your password to log into Gmail or any other website, the keylogger will easily intercept your password.
Session Cookie Hijacking: When you are using a public computer, you are at risk of having your Gmail password hijacked by malware such as FireSheep and WebCookies Sniffer that capture a user’s session cookies. Many websites will store temporary cookies for a user on a web browser, and these can be exploited by a hacker to crack your password.
Dictionary Attack: This attack affects those with weak Gmail passwords. If you are using a common name or a name that can be found in a dictionary as your password, then you are exposing yourself to a dictionary attack. There is a lot of sophisticated malicious software that can crack a password by running a dictionary check in a few seconds. You should never use a dictionary name or any common name. Instead, create a strong password with random mixed-up characters that include letters, numbers, commas, question marks, full stops, underscores, slashes, stars and many other signs on your keyboard. This article shows you how to create a strong password.
Social Engineering: This is where an attacker obtains and uses your personal information such as Name, Identity Card Number, Credit Card details, Social Security Number, Billing Address and other details to reset your password.
The three most common methods of stealing a user’s password are Password Resetting, Cracking and Social Engineering (or Phishing).
Password Reset: The attacker’s aim is to have access to your account by resetting your password. If the victim’s login credentials such as the email address or username are known, the attacker will seek more personal information about the user that is required to reset the password.
Password Cracking: Malicious scripts used by spyware such as keyloggers, screen recorders, dictionary attacks and session cookie hijacking can crack a user’s password easily.
Phishing: A phishing attack usually involves a phishing email that is sent to the victim to trick the person into submitting personally identifiable information for password resetting. A phishing attack can also involve an HTML email that will send the user’s login details to a phishing webpage when clicked. To prevent phishing attacks, don’t click on any links inside a suspicious email and don’t log into a webpage where the link redirects you. The trick is that most phishing emails and web pages are well-designed clones of original websites and you would click them without a second thought.
How to Stop Your Gmail Password from being hacked:
You can stop your Gmail password from being stolen by doing the following:
Activate Gmail 2 Step Verification: (VERY IMPORTANT)
The Gmail two-step verification will thwart all attempts to log into your email account. It adds a second layer of security that is impenetrable. If a hacker somehow manages to steal your password, he will not be able to log into your account when the two-step verification is enabled. The two-step authentication will ask you to enter a one-time password that is sent to your mobile phone when you log in from an unfamiliar location. A hacker will not be able to get this one-time password because they won’t have your mobile phone. To activate 2 Step verification, follow the instructions on this URL:
You can also activate 2-step verification right from your Gmail dashboard. Sign into your account, then go to: [Settings] > [Accounts] > [Google Account Settings] > [Security]. Select [2 step Verification], then click Edit. Follow the instructions. Gmail will sign you out and ask you to sign in again. Follow the instructions to TURN ON 2-Step verification using your mobile phone.
Check Gmail Forwarding in your Account:
Before you change your password, you must make sure that your Gmail account is forwarding messages to email addresses that you approved. When a hacker breaks into your account he might have set your account to forward messages to his own email address. This way, he will keep receiving your email even if you change your password or activate the two-step verification. He will also receive all the password resets that you make. Go to [Settings > Forwarding and POP/IMAP] to check the forwarding email addresses. Remove any email address that you did not enter and save your settings.
Check that no-one has been granted access to your Gmail Account:
You should also ensure that no-one has been granted access to your Gmail account. When a hacker breaks into your account, one of the things that he might do is grant himself access to your account. This permission allows him to send and read mail from your Gmail account. Go to [Settings > Accounts and Import] to check people with access to your account. If you find any unauthorized person or email address on the list, remove the name and save your settings.
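The forwarding and account-access checks above can be expressed as one audit against a list of addresses you approved. This is an added example, not part of the original article; it goes slightly beyond the text by also checking mail filters that forward messages. The settings dictionary is constructed sample data whose field names are assumed to follow the Gmail API settings resources (auto-forwarding, forwarding addresses, delegates, filters).

```python
# Constructed sample data. Assumption: field names mirror the Gmail API
# settings resources; the addresses are made up for illustration.
SAMPLE_SETTINGS = {
    "autoForwarding": {"enabled": True, "emailAddress": "drop@unknown.example",
                       "disposition": "leaveInInbox"},
    "forwardingAddresses": [
        {"forwardingEmail": "me@work.example", "verificationStatus": "accepted"},
        {"forwardingEmail": "drop@unknown.example", "verificationStatus": "accepted"},
    ],
    "delegates": [{"delegateEmail": "helper@unknown.example",
                   "verificationStatus": "accepted"}],
    "filters": [{"id": "f1", "criteria": {"query": "password reset"},
                 "action": {"forward": "drop@unknown.example",
                            "removeLabelIds": ["INBOX"]}}],
}


def audit_mail_settings(settings, approved):
    """Return (kind, address, detail) for every address that can receive or
    read mail but is not in the owner's approved set."""
    approved = {a.lower() for a in approved}
    findings = []

    def check(kind, address, detail=""):
        if address and address.lower() not in approved:
            findings.append((kind, address.lower(), detail))

    auto = settings.get("autoForwarding", {})
    if auto.get("enabled"):
        check("auto-forwarding", auto.get("emailAddress"))
    for entry in settings.get("forwardingAddresses", []):
        check("forwarding address", entry.get("forwardingEmail"))
    for entry in settings.get("delegates", []):
        check("delegate", entry.get("delegateEmail"))
    for rule in settings.get("filters", []):
        action = rule.get("action", {})
        # A forwarding filter that also removes INBOX hides the mail from the owner.
        hidden = "INBOX" in action.get("removeLabelIds", [])
        check("filter forward", action.get("forward"),
              "skips inbox" if hidden else "")
    return findings
```

With only me@work.example approved, the sample yields four findings: the auto-forward target, the extra forwarding address, the delegate, and the filter that forwards password-reset mail while skipping the inbox.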