Gmail is the most renowned email service, used by many people and business organizations around the world. With the growth of its user base, Gmail faces a great threat of being exploited. Leaving a small hole in security may cause drastic damage to the whole website and the service. Though it is a free service which doesn't have to answer to any of its users for data loss or hijacking problems, Gmail took a major step towards security to protect its user base by adding an extra security layer: 2-step verification for Gmail accounts.
Google also keeps track of your Gmail logins and will report any suspicious login to the user for verification. If you sense anything fishy, such as being hacked, you must enable 2-step verification. Before we get to that, let us look at some types of hacking, so that you can gauge the level of threat you face and prevent it.
There are 2 famous and most-used ways to hack Gmail accounts:
1. Phishing
Phishing is the oldest and most famous way to bluff users and hack their info. So, what is this process, how can you be hacked, and what is the threat level?
One evening when I was browsing through all my emails, I found an email stating that I had got an offer of "90% discount on iPhone", and that to get access to the offer I should click on the link. When I clicked on it, it redirected me to a page exactly like the Gmail login page. I entered wrong credentials, and it still took me to a fake page showing some odd offers about iPhones and all the other expensive stuff. So, what had happened in the process?
Hackers had sent me a phishing link, or you can call it a fake page link (a page which looks exactly like the Gmail login page). Since I knew the threat, I entered wrong credentials just to confirm. Later, I came to know that there are phishing pages which can actually act like the original page: if you enter wrong credentials you cannot get past the login page, and it shows an error message exactly as the Gmail login page does. Too realistic, right?
What happens when you enter your credentials?
The page is programmed to save your data and then send you on to another fake offers page, the one they promised or used to lure you into clicking the link.
What is the prevention?
- Check for the green lock symbol on the left side of the address bar.
- Make sure it is a Google link. You may ask: what if hackers use Google Sites for this process? No, they couldn't; Google automatically deletes such sites almost as soon as they are created.
- Don't ever try to confirm just by entering wrong credentials; as I've stated earlier, some phishing pages have validators too.
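The "make sure it is a Google link" check above, written out as an added example (not part of the original article): it compares the exact host in the address with Google's sign-in host rather than searching the address for the word "google". The host accounts.google.com, the function name check_login_url and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the only host accepted for a Google sign-in form.
EXPECTED_HOSTS = {"accounts.google.com"}

def check_login_url(url):
    """Return (ok, reason) for a URL that claims to be a Google sign-in page."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # lowercased, without userinfo or port
    except ValueError:
        return False, "unparseable URL"
    if parts.scheme != "https":
        return False, "not https"
    if not host:
        return False, "no host"
    if parts.username is not None or parts.password is not None:
        # https://accounts.google.com@other.example/ really goes to other.example
        return False, "userinfo before '@' hides the real host"
    host = host.rstrip(".")
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        return False, "internationalized host (possible lookalike characters)"
    if host in EXPECTED_HOSTS:
        return True, "exact match"
    if "google" in host:
        # The brand name appears, but as part of some other registered domain.
        return False, "Google name inside a different host"
    return False, "unrelated host"

# Constructed sample links (the .example domains are placeholders).
SAMPLES = [
    "https://accounts.google.com/ServiceLogin",
    "http://accounts.google.com/ServiceLogin",
    "https://accounts.google.com.iphone-offer.example/signin",
    "https://accounts.google.com@iphone-offer.example/signin",
    "https://accounts.g\u043e\u043egle.com/signin",  # Cyrillic 'o' characters
    "https://accounts.goog1e.example/signin",
]

if __name__ == "__main__":
    for link in SAMPLES:
        ok, reason = check_login_url(link)
        print("OK  " if ok else "STOP", reason, "<-", link)
```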
2. Keylogger
You may receive an email about a new movie download or one of your favourite songs, saying "click here to view/listen to the movie or song". When you click on the link, it starts downloading a ".exe" file (asking you to install it to see the movie or listen to your song) which is a keylogger: it tracks and records all your keystrokes and sends them to the hackers. This can be prevented too, by not clicking on, or at least not running, such miscellaneous files.
There is a better step to prevent anyone logging into your Gmail account even if they know your credentials: enabling 2-step verification for your account.
How to enable 2-step verification
This is a historic step towards security authentication by Google to preserve user privacy to the core. It makes Google authentication no longer limited to your credentials: if someone wants to log in to your account, they need your mobile phone too. Here's how to activate this verification process.
- Log in to your Gmail account or Google account, then go to Google account settings by clicking on the settings option inside the cog on the right side of your page.
- Then go to Security on the page that opens. There you can see an option for 2-Step Verification; click on Settings next to it.
- Start the setup by clicking on "Start setup".
- You must verify the mobile number you have linked to your account. For this, Google automatically sends you an OTP, which you have to enter in the specified field for confirmation. Make sure you have given your permanent number, because future OTPs for logging in to your Gmail or Google account will be sent to this phone number.
- Click on Next after entering the OTP.
- Recheck the mobile number before you press Confirm.
- When asked to create new passwords, you can create some passwords or simply click on "do this later".
Now, every time you or someone else logs in to your Gmail account, an OTP will automatically be sent to your mobile phone as an extra layer of security, and this code is short-lived.