Has anyone ever had their Gmail account hacked? I received an email from Gmail saying:

Someone recently tried to sign in to your Google Account. We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt:

Then it listed the time, the ip address and location.

Strange. I guess I should sign up for Lifelock...

I had a gmail account compromised once. weak password. Dumb on my part. Got a notice to an alternate account. fixed the pw and only issue since is that account now gets spam inflow where now existed before. it all gets ditched unopened. had a plan for the account that never got off the ground, but kept it all the ame. gets opened about 1-2 times a month just so it isn't lost to inactivity (uncertain if g accts. can be lost that way though.

Had my Yahoo email compromised. I went in, cleaned out my contacts to only a select few, and changed my password to a number/character/uppercase/lowercase that was so complex, I had to write it down. I then changed all my passwords to Facebook, Amazon, et al...

Has anyone ever had their Gmail account hacked? I received an email from Gmail saying:


Then it listed the time, the ip address and location.

Strange. I guess I should sign up for Lifelock...

Lifelock won't do crap for you, and doesn't actually protect you.

I've had the same thing happen twice. Once the IP was in Haiti, the other time it was somewhere in Russia. Changed my password early (I change my important passwords monthly) and just moved on.


I had a gmail account compromised once. weak password. Dumb on my part. Got a notice to an alternate account. fixed the pw and only issue since is that account now gets spam inflow where now existed before. it all gets ditched unopened. had a plan for the account that never got off the ground, but kept it all the ame. gets opened about 1-2 times a month just so it isn't lost to inactivity (uncertain if g accts. can be lost that way though.

I've had an account hacked (not an email account) exactly once. And every password I have for anything more important than a forum is at least 16 characters long and has all the modifiers allowed. Personal experience and multiple studies have told me that it doesn't matter unless your password is "password" or a variation of it...Or something else equally stupid like "12345". Best practice is to actually us a phrase, spaces and all if they're allowed.

My wife received a similar notification. She just changed her password to something more complex (combination of a word with the integration of at least one number and at least one capitol letter). Also, like me, she now changes her passwords on a monthly basis and doesn't use the same password for different accounts.

As for LifeLock - don't bother. Its a waste of money and nothing you can't do on your own for free. They've been busted and fined for the scam they run.

Yeah, Lifelock is a scam. If someone writes checks on your name or signs contracts or charges things on your credit cards, that's not your problem, that's the bank's problem.

I once had an idiot mover steal my checkbook and write about $600 in forged checks. He did time in jail (several months), the bank immediately replenished my funds and the big guy had to pay restitution to the bank.

My wife had her credit cards stolen once. The thief bought himself a nice new Xbox 360 at Walmart. The card's own fraud protection kicked in when the thief tried to charge a meal at Church's (because I guess they figure that's a place we'd be unlikely to visit).

In the past (don't know about now) - all LifeLock did was place a hold on your credit. Meaning that if anyone tried to open an account based on your credit they would be denied. This is only temporary and has to be renewed on a semi-regular basis. Anyone can do it for free with the 3-4 top credit agencies. LifeLock claimed they were charging for the 'convenience' of doing it for you. I have no problem with that - I pay for 'convenience' all the time. The problem is they were less than honest about what they were doing and how much it protected you.

Nah, I've placed holds on my accounts with all three agencies. It's about $10 to $15 per agency to place your information on lockdown. It's also a tremendous pain in the ass to have a credit check run because you have to call or login, input your login/password and open your reports for a prescribed amount of time.

It seemed a necessary step though after I got a call from the Secret Service informing me that someone was using my identity (or something like that) elsewhere (or attempting to do so).

Nah, I've placed holds on my accounts with all three agencies. It's about $10 to $15 per agency to place your information on lockdown. It's also a tremendous pain in the ass to have a credit check run because you have to call or login, input your login/password and open your reports for a prescribed amount of time.

It seemed a necessary step though after I got a call from the Secret Service informing me that someone was using my identity (or something like that) elsewhere (or attempting to do so).

Didn't realize they started charging. Most likely because of groups like Lifelock implementing 1,000's of holds at a time. I did it maybe 12 years ago after someone was trying to open account in my name. No charge then and a pretty simple process (basically fill out a form). I think it had to be renewed then maybe once or twice a year.

That said, I believe Oklahoma law states that if you are a victim of identity theft you can still place a freeze for free.

Now I just do the free credit check each year and look for anything odd.

I've also heard there are different options - freeze vs. Fraud Alert, etc.

*Or, as many American's do - completely protect yourself by ruining your credit all on your own! Then nobody can steal your identity because it isn't worth anything.

In 2010 LifeLock was fined $12 million by the FTC for deceptive advertising. I recall getting a small check for my "damages" as a previous LifeLock customer. In my opinion, the deception hasn't ended.

They promise a "$1 Million Identity Theft Service Guarantee," which makes it sound like they'll cover your losses up to $1 million. No - they will pay up to $1 million to hire people "to help your recovery."

That's like an insurance company offering a "$1 Million Automobile Theft Service Guarantee," making you think that you'll be paid up to $1 million if your car is stolen, only to find out that they'll pay up to that amount to help you find it, but nothing for your actual loss.

Big difference. Bad guys. You can do most of this yourself for free.

Thanks to everybody for the advice, especially about LifeLock - I was seriously thinking about joining, but will avoid them now.

My passwords are not super complex, but are not simple either. I doubt anyone could guess, even with a thorough knowledge of my history (rather random).

Sid - I saw the 2 factor option, and wondered if it was too painful, but it doesn't look that bad, I think I will give it a try.

Thanks again, this thread is a great example of why I like OKC Talk...

I would also suggest that you make sure the email the OP got was indeed from who it said it was. Whenever I get emails like that i NEVER click on any links in the email etc but go directly to my account and make changes there. otherwise it may be an attempt to get your info. I have seen the attempts with EBay, PayPal, AOL etc

I would also suggest that you make sure the email the OP got was indeed from who it said it was. Whenever I get emails like that i NEVER click on any links in the email etc but go directly to my account and make changes there. otherwise it may be an attempt to get your info. I have seen the attempts with EBay, PayPal, AOL etc

This. More particularly, this when it involves a financial institution. I can't even begin to count the number of emails I've deleted unopened over the years that had urgent subject matter lines, all allegedly sent to me from banking institutions where I did not conduct business. I also can't count the number of conversations I've had with fairly well educated people who seemingly have a click compulsion ... one where common sense is overridden when some officialish looking email says hey click here then directs them to enter their information so it can be protected. sigh.

I get emails on a semi-regular basis letting me know someone clicked the 'reset' or 'forgot' password link on my YouTube, PayPal, Wordpress and email accounts. I assume they are hoping for a reset tied to a Q&A that they can figure out and thus gain access to my account(s).

kevinpate: exactly. Often will have a generic salutation ("Valued EBay customer") and ask you for information that they already should have (just to verify of course). Also they seem to have a few typos.

I would also suggest that you make sure the email the OP got was indeed from who it said it was. Whenever I get emails like that i NEVER click on any links in the email etc but go directly to my account and make changes there. otherwise it may be an attempt to get your info. I have seen the attempts with EBay, PayPal, AOL etc

Yes. I did not click on the link, but went to gmail through normal channels.