Q: My Gmail Account Has Been Compromised. What Should I Do?
Beyond the basics, there are a few more considerations when your Gmail (or any other account for that matter) has been breached.
Google offers two-factor authentication, enabling this should be one of your first steps. Two-factor authentication requires anyone logging into your account to not only know your username and password, but also retrieve a time sensitive token. This security token is usually a 5 digit number sent to your cell phone or your secondary email address.Sending out a mass email warning your address book is always a good idea as well. A crafty hacker will try to get at your friends too.
Unfortunately, two-factor authentication is not the security silver bullet. If someone has gotten into your account, you should double check whether or not they have changed your recovery email or your cell phone number. If you are on an Android device it is always smart to scan that for viruses as well. Fortinet’s Mid-year Threat Report outlined a dramatic increase in mobile malware, a good portion of which is designed to lift security related information like authentication tokens. It is also a best case practice to look closely at your email filtering and forwarding rules. You don’t want any of your personal or account information related emails going to a hacker’s inbox.
While doing these things is always a good practice, there is still one major concern surrounding an email breach. If your email account has been compromised, you can reasonably assume that the culprit has downloaded your entire email archive. If this is indeed the case, they probably have information about an entire slew of your online accounts. The most secure, albeit cumbersome, thing to do is to create multiple email accounts for your multitude of other accounts, all with unique passwords of course.
You can improve basic Gmail security with this checklist.
To ask a question of your own, send an email to expertsATfortinet.com