Think someone is using your Gmail account to read your emails? Wondering if there is a way to find out if your account is safe?
Having a single sign-in for all these apps is very convenient but provides a single point of failure. If someone can log into your Gmail, they can log into everything.
This tutorial will show you how to check if someone else is using your Gmail account and what to do if your account has been compromised.
Is Someone Using Your Gmail Account?
There are often signs that your Gmail account has been hacked. Emails you didn’t send, complaints from contacts that you sent them spam or malware, emails from organizations you never heard of confirming account creation, or something else entirely.
While indicative of something going on, they are far from definite. Fortunately, Google takes account safety and privacy very seriously and provides a tool to check your account’s activity.
Let’s look at all the possible ways to check if someone else is using your Gmail account.
1. Login Activity
- Open Gmail and log into your account.
- Scroll to the bottom of your Inbox page and find the Details link in the bottom right.
- A page will now appear with your recent security events, including logins.
In recent security events, you will see all your logins. The page will show all the recent activity of your account: the IP address, the date and time, and browser login details. Check through this to see if you notice anything suspicious.
Google collects and stores this data each time you log into your account and use it, meaning that even a seasoned hacker couldn’t fake it. You can also check the Google Security page, scroll to Recent security activity, and see where and when your account is being used.
If you don’t see the Details link at the bottom of your Gmail inbox, use this link instead. Some Gmail users don’t seem to have the Details link, while others do.
Note: You can sign out of all active sessions from the Details page. If it makes you feel more secure, or you see an unauthorized login, don’t hesitate to flip the switch and change your password immediately.
2. Check For Changes in Your Account
If you’re still not convinced that your account is still in your control, there are a few more things to look out for:
- Was any of your security settings recently updated? – Things like your Gmail account name, contact information, 2-factor authentication, and recovery email.
- Have other accounts been hacked? – If your online bank account or some other account has been accessed, it’s possible the hacker gained access through your Gmail if that’s the account used for logins.
- Check your deleted folder – You may find emails that the hacker used to gain access to other accounts in the deleted items folder.
3. Unrecognized Devices
Lastly, visit your Account Security page and look for any Security Alerts. Google has its way of telling you whether or not someone gained access to your account.
Navigate through your devices and remove any older ones you no longer use or those you don’t recognize. Next, check for any security events. Most of these are simply logins that you will recognize.
What to Do if Your Gmail Has Been Hacked
If you find anything wrong with the Security check and someone else is using your Gmail account, you must act quickly. The longer you wait, the more spam or malware they could send and the more photos or files they may download from your Google Drive.
You can do a couple of simple things to lock your Gmail account down.
1. Change your Gmail password
The first step is obviously to change your login password for Gmail. This will stop any hacker from being able to log back into your Gmail account to continue their nefarious work.
- Log into the Google Security page.
- Select Signing in to Google and select Password.
- Enter your current password.
- Select to change that password and enter a new one.
- Hit the Change Password button to confirm the change.
Aside from your Gmail password, changing the passwords of any related accounts may be a good idea. For example, if you use your Gmail account to log in to your bank account, update that password as well.
2. Enable two-factor authentication
Once you have control of your Gmail account, it’s time to increase security to prevent it from happening again. Like many cloud services, Gmail offers two-factor authentication (2FA) for better security and safety.
It requires you to enter a password and receive an email or SMS code to verify. The email gets sent to a different address, or you could use your phone number.
- Log into the Google Security page.
- Click on Signing in to Google and select 2-Step Verification.
- Select Get Started and follow the wizard.
You can select an SMS or call, use a hardware security key, or simply enter your phone number. We suggest the SMS option. You can log into Gmail from anywhere, anytime, as long as you have your phone.
Ensure that you have a recovery email for any login alerts. If someone tries to access your Gmail account again, it should trigger a login email. It is a good idea to contact your local authorities if any of your banking or financial information has been compromised.
3. Run a Full Antivirus and Malware Scan of Your Devices
If someone does gain access to your Gmail account, you won’t necessarily know how they did it. They could have used brute force on the Gmail server or hacked your device. It’s too much of a risk not to check, so next, you should perform a full antivirus scan of all your devices.
Then, run a malware scan as a secondary measure.
4. Let Everyone Know
Now that your account is in your control again and further secured, it is a good time to let everyone know you lost control over your account. Tell them they can safely ignore and delete any suspicious-looking email sent from your account and that everything is fine now.
What to do if You Can’t Sign-In
If the hacker has taken over your account, you might be unable to log in. Google does offer support so that you can take your account back. Visit the Google Account Recovery Page.
Once you’ve typed in your Gmail address (be sure it’s the right one for the account you’re trying to get back), it will ask you to enter the last password you remember. Follow the steps, including verifying the necessary information to regain access to your Gmail account.
When setting up your Gmail, you must add a recovery email and phone number. It’s also a good idea to remember which month and year you set the account up. Google may ask when you originally set the account up as a security verification question.
Holes in Your Security You May Have Overlooked
One of the keys to account security is understanding what makes your account vulnerable. You may have 2FA, a password comprised of hieroglyphics, and the best antivirus software on the market, but it won’t do you any good if you’re unaware of other security risks.
Here is a list of how unauthorized users can gain access to your Gmail account:
- The hacker has access to a device that receives your 2FA codes – This can be an old phone you sold or even a public computer you neglected to sign out of. 2FA will do no good if another user can access the codes, so ensure your Gmail contact information is accurate. Also, sign out and factory reset the devices you’re no longer using.
- Using your mobile phone number – If someone has your old phone number that isn’t updated in Gmail, they could easily receive 2FA codes. It isn’t easy these days to clone your phone number, but it isn’t completely out of the question either. If someone continuously misuses your account, update your phone number and see if that stops it.
- Someone has access to your backup codes – Gmail has a nifty feature called backup codes. Generating 10 at a time, you can print them out or write them down. Visit the Security window in your Gmail account and request new codes. If someone has one of the ten codes, they can access your Gmail. Requesting new codes will void your old ones.
If you’re curious how this helps protect your account, there’s one common theme: you’re not updating your account. Whether it’s clearing your backup codes or updating your contact information religiously, these are things that hackers rely on.
Now You Know!
That’s how to check if someone else is using your Gmail account and what to do about it if they have been using it. Two-factor authentication should go a long way to stop it from happening again, so you should now be able to rest easy.
Found this post useful? Check out our guide about how to send an email with a previous date.
1. How can I know if someone is using my email address?
A. In case you think someone else is using your email address, there are a few things you can do to regain control over your account:
1. Change your Gmail password
2. Enable two-factor authentication.
3. Run an Antivirus and Malware check.
4. Alert your contacts about your situation.
2. How can I check my Gmail on someone else’s phone?
A. If you’re suspicious about someone else using your Gmail account on their phone, you can check it using these methods:
1. Check your login Activity
2. Go through your account and check for changes made to your account, like contact information, 2-factor Authentication, and recovery email.
3. Go to your devices section and look for devices you don’t recognize.