January 6, 2011

How To Protect Your Gmail Account

1. Gmail has been allowing access over both the secure https protocol and the non-secure http protocol. If you sign in to Gmail over a non-secure Internet connection, such as a public wireless or non-encrypted network, you are more vulnerable to hacking and hijacking. If you log in to your account via http:// and not https://, the connection between your browser and Google's servers is not encrypted, and a hacker may sniff the data in between. Protecting your Gmail account from hacking is easy.

The solution is to set Permanent SSL in Gmail:

Sign in to Gmail >> Click Settings at the top of any Gmail page >> Set ‘Browser Connection’ to ‘Always use https’ >> Click Save Changes >> Reload Gmail.

Please note,
- Gmail Notifier users must download a patch for Notifier to work with this setting.
- Errors in the Gmail for mobile application may result from enabling this setting.
- Errors in Google Toolbar may result from enabling this setting.

2. Whenever you log in to your Gmail account, always check the URL in the browser address bar. This is because there are plenty of dirty minds who create an exact replica of the Gmail login page. The worst part: they install scripts or malicious code behind the fake login page and host the page on their own web server. When you log in to Gmail from a fake login page, your username and password are sent to another email address or to an FTP location.

3. Review and change your password and account recovery options.
Settings >> Accounts and Import >> Google Account Settings
Pick a new password. Also select “change password recovery options” and verify your secret question, phone number and recovery email address.

4. Review your signature and vacation responder to make sure they are what you expect.
Settings >> General >> Signature
Settings >> General >> Vacation Responder

5. Review your ‘Send mail as’ settings to make sure they are using your correct email address.
Settings >> Accounts and Import >> Send Mail As

6. Check for bad filters and delete all suspicious ones: go to Settings >> Filters and check whether any filters are present. Double-check whether those filters were made by you. If you are not sure about a filter, delete it right away. These filters can get you into trouble. Never compromise with your Gmail account. Treat it seriously and never entertain anything that you are not aware of.

7. Check your ‘Forwarding and POP/IMAP’ settings for accuracy.
Settings >> Forwarding and POP/IMAP
Make sure you aren’t unexpectedly forwarding or downloading mail from anywhere; spammers frequently change these settings to ensure you continue sending spam even after changing your password.
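The filter and forwarding review from steps 6 and 7 can also be done over an export of the settings. The following is an added example, not part of the original post: it assumes the settings are available as objects shaped like the Gmail API's filter and auto-forwarding resources, and `auditMailSettings`, the sample data and the list of known addresses are hypothetical.

```javascript
// Label changes that keep matching mail out of the owner's sight.
const HIDING_REMOVE = ["INBOX", "UNREAD"];
const HIDING_ADD = ["TRASH", "SPAM"];
const norm = (addr) => String(addr).trim().toLowerCase();

// filters: objects shaped like Gmail API users.settings.filters resources.
// autoForwarding: object shaped like the Gmail API auto-forwarding resource.
// knownAddresses: forwarding targets the owner set up on purpose (assumption).
function auditMailSettings(filters, autoForwarding, knownAddresses) {
  const known = new Set(knownAddresses.map(norm));
  const findings = [];
  for (const f of filters) {
    const action = f.action || {};
    const reasons = [];
    if (action.forward && !known.has(norm(action.forward))) {
      reasons.push("forwards to unrecognised address " + action.forward);
    }
    const hidden = [
      ...(action.removeLabelIds || []).filter((l) => HIDING_REMOVE.includes(l)).map((l) => "-" + l),
      ...(action.addLabelIds || []).filter((l) => HIDING_ADD.includes(l)).map((l) => "+" + l),
    ];
    if (hidden.length) reasons.push("hides matching mail: " + hidden.join(" "));
    if (reasons.length) findings.push({ id: f.id, reasons });
  }
  const fwd = autoForwarding || {};
  if (fwd.enabled && !known.has(norm(fwd.emailAddress))) {
    findings.push({ id: "autoForwarding", reasons: ["forwards all mail to " + fwd.emailAddress] });
  }
  return findings;
}

// Constructed sample data, not taken from any real account.
const SAMPLE_FILTERS = [
  { id: "f1", criteria: { from: "newsletter@lists.example" }, action: { addLabelIds: ["Label_7"] } },
  { id: "f2", criteria: { to: "me@mail.example" },
    action: { forward: "collector@mailbox.example", removeLabelIds: ["INBOX"], addLabelIds: ["TRASH"] } },
  { id: "f3", criteria: { from: "boss@work.example" }, action: { forward: "me.backup@work.example" } },
];
const SAMPLE_FORWARDING = { enabled: true, emailAddress: "collector@mailbox.example", disposition: "leaveInInbox" };
const KNOWN = ["me.backup@work.example"];

console.log(JSON.stringify(auditMailSettings(SAMPLE_FILTERS, SAMPLE_FORWARDING, KNOWN), null, 2));
```

Every finding is an item to review by hand, as the steps above describe; an archive filter you created yourself will also appear in the list.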

8. Check for viruses and malware first. If your password was stolen by malware, running a scan before changing your password can help avoid your password being stolen again. Run a scan on your computer with trusted anti-virus software. If the scan detects any suspicious programs or applications, get rid of them immediately.

9. Always try to use your own PC when logging in to your Gmail account. If you have no option other than a public PC, always remember to log out before leaving the computer. Check for keylogger programs before logging in. (A keylogger is a computer program that can be used to record what you type on the keyboard. The keylogger records your keystrokes, saves them in a simple text file and sends it to an email address or to an FTP server. You are completely unaware of the whole process, which runs in the background.)

10. Do you need to check email from a public computer or a local internet cafe, and fear that the computer might have keylogger programs installed? Here is a nice workaround.
Create another Gmail account and choose a different password for this account. This means that the password of your new Gmail account should not match with the password of your main Gmail account.
Log in to your main Gmail account, click “Settings” and go to the “Forwarding and POP/IMAP” tab.
Select the option to forward all incoming mails to your newly created Gmail account. Any email received in your primary email account will be forwarded to this secondary email address automatically.


Whenever you want to check emails from a public computer, use this secondary email account. Anybody trying to hack your email account using a keylogger or a malicious program can hack this secondary email account but not your primary one. Obviously, do not leave any important emails or password/username in this temporary email account – keep deleting emails at regular intervals. Yes, this may sound ridiculous but it’s better to be on the safe side.

VERY IMPORTANT: Do not use or associate this secondary email account as a password recovery option of your primary email account. Use this email account just for checking emails at a public computer, that’s it.

11. Regularly monitor Gmail account activity. You can monitor the IP addresses of the computers used to log in to your Gmail account. To find the IP addresses, log in to Gmail, scroll down and click the account activity details link.

This will show you a list of the last IP addresses used to log in to your Gmail account. You will notice the country and state name alongside the date and time of your last Gmail activity. Should you find an unknown IP address or the name of an unfamiliar place, there is a high chance that somebody else is logging in to your Gmail account from elsewhere.

To solve this issue, click the “Sign out of all other sessions” button and Gmail will automatically delete all the active sessions of your account. Next, immediately change the password from your Google accounts settings page.

12. Do not click on any link you get via email. People get emails from different organizations and societies asking them to click on a link. When they click on that link, they share their login details with the hackers. If it's necessary to click on a link, keep your mouse cursor on that link and look at your browser's status bar; if it looks all right, then go for that link. Otherwise, hit the delete button. Remember that you have to be careful to get along with Gmail.
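The URL check from steps 2 and 12 (the address bar before signing in, the status bar before following a link) can be written down as a rule. The following is an added example, not part of the original post: `checkLoginUrl` is a hypothetical helper, and the two trusted host names are an assumption about which hosts you accept for Gmail sign-in.

```javascript
// Hosts accepted as genuine for signing in to Gmail (assumption of this example).
const TRUSTED_HOSTS = new Set(["accounts.google.com", "mail.google.com"]);

// Returns { ok, reason } for a URL copied from the address bar or status bar.
function checkLoginUrl(raw) {
  let url;
  try {
    url = new URL(String(raw).trim());
  } catch (e) {
    return { ok: false, reason: "not a parseable absolute URL" };
  }
  // Step 1 of the post: the connection must be encrypted.
  if (url.protocol !== "https:") {
    return { ok: false, reason: "not https" };
  }
  // Text before an "@" is login data for the URL, not the site being visited.
  if (url.username !== "" || url.password !== "") {
    return { ok: false, reason: "userinfo before @ hides the real host " + url.hostname };
  }
  // The parser lower-cases the host and converts non-ASCII letters to "xn--" form.
  const host = url.hostname.replace(/\.$/, "");
  if (host.split(".").some((label) => label.startsWith("xn--"))) {
    return { ok: false, reason: "internationalised look-alike host " + host };
  }
  // Compare the whole host name; a familiar name at the start proves nothing.
  if (!TRUSTED_HOSTS.has(host)) {
    return { ok: false, reason: "host is " + host };
  }
  return { ok: true, reason: "https and trusted host " + host };
}

// Constructed sample URLs (the .example names are placeholders, not real sites).
const SAMPLE_URLS = [
  "https://mail.google.com/mail/",
  "http://mail.google.com/mail/",
  "https://accounts.google.com.login.example/ServiceLogin",
  "https://accounts.google.com@login.example/",
  "https://accounts.g\u043e\u043egle.com/", // Cyrillic letters in place of "oo"
];
for (const u of SAMPLE_URLS) {
  const result = checkLoginUrl(u);
  console.log((result.ok ? "OK    " : "REJECT") + " " + u + " (" + result.reason + ")");
}
```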

13. Never reply to any unknown emails. Hackers are even smarter than you think. They try every alternative method to hack your mail accounts. One of the tricks they use is sending some emails. After sending them, they eagerly wait for your reply. It is possible to track your IP address from your e-mail. Once they get your IP address, they will use their brains to hack your Gmail login details. So, be smart. Never reply to any unknown email from your Gmail account.

14. Always download and install the latest version of your browser. Browsers get updated because their earlier versions are not smart enough. Updated versions constantly patch holes and security issues. So, it's better to allow your browser to auto-install the latest versions, as they improve their phishing filters regularly. Hackers try hard to find the holes inside a browser and then figure them out. Once they have done their trial and error, they will look for victims. If you are the unfortunate one with an old browser, they will attack you remotely using some tools. So, always use the latest versions to keep your Gmail safe.
