How to Recover a Hacked Gmail Account

A hacked Gmail account can lock you out while giving attackers access to your personal information and other linked accounts. Google provides specific recovery tools and security measures to help you regain control and prevent future compromises.

1. Attempt to sign in and identify the compromise. Go to gmail.com and try signing in with your usual password. If you cannot access your account, note any error messages. Check if your password has been changed, if recovery information has been modified, or if you receive emails about suspicious activity.
2. Start Google's Account Recovery process. Visit accounts.google.com/signin/recovery and enter your Gmail address. Click 'Forgot password?' and follow the prompts. Google will ask verification questions based on your account history and recovery options.
3. Complete the recovery verification. Answer Google's security questions as accurately as possible. Provide the last password you remember, approximate account creation date, and names of frequently contacted people. If you have a recovery phone or email, use those options when prompted.
4. Create a new strong password. Once you regain access, immediately go to myaccount.google.com/security and click 'Password' to create a new one. Use a unique password with at least 12 characters, including uppercase letters, numbers, and symbols. Avoid any password you've used before.
5. Review and secure your account settings. Check myaccount.google.com/security for unfamiliar recovery phones or emails and remove them. Review 'Recent security activity' for suspicious sign-ins. Update your recovery phone number and backup email to current, secure options you control.
6. Enable two-factor authentication. Go to myaccount.google.com/security and click 'Two-Step Verification.' Follow the setup process to add your phone number or authenticator app. This prevents future unauthorized access even if your password is compromised again.
7. Check connected apps and devices. Visit myaccount.google.com/permissions to review apps with access to your Gmail. Remove any unfamiliar or suspicious applications. Check myaccount.google.com/device-activity and sign out any unrecognized devices.
8. Scan for malware and update related accounts. Run a full antivirus scan on all devices you use for email. Change passwords for other important accounts, especially banking, social media, and any services that use your Gmail for recovery. Check your Gmail sent folder for any emails you didn't send.