Like many millions of internet users, my wife did not have a complex password. Hers was harder than most that can be easily deciphered or socially engineered, but it was still only a string of numbers. This made it rather easy for a hacker in China to compromise her account and send out thousands of spam mails – including mail to all of her contacts. Lucky for her, the guy was a better hacker than email writer, so no one fell for the link that was sent.
So how do I know it was a guy from China and how did we get the account back? Well, it was rather easy this time due to some forward thinking by Google. Many Gmail users don’t know this, but there is a very handy link at the bottom of your Gmail account. All the way down in the footer there is a status update that indicates when the last account activity was. It also has a link to the details on your account activity. Clicking that link will give you the details of all the recent access to your Gmail account: the type of access, the IP address it was accessed from, and the time and date it was accessed. This will tell you if someone is getting into your account from another location. Most importantly though, there is a very powerful button at the top of the details page. It’s basically the nuke-all-connections option. Clicking the button will force all other sessions to be logged out. Combine that with a password change and you have your account back.
The other important lesson to remember is to use a strong password. Microsoft has a great article describing how to create a strong password that you will be able to remember. Follow their simple process and your accounts will be less susceptible to brute-force hacking attempts.