Secure a hacked or compromised Google Account

If you notice unfamiliar activity on your Google Account, Gmail, or other Google products, someone else might be using it without your permission. If you think your Google Account or Gmail have been hacked, follow the steps below to help spot suspicious activity, get back into your account, and make it more secure.

Step 1: Sign in to your Google Account

If you can't sign in

Go to the account recovery page, and answer the questions as best you can. These tips can help.

Use the account recovery page if:

  • Someone changed your account info, like your password or recovery phone number.
  • Someone deleted your account.
  • You can't sign in for another reason.

Tip: To make sure you're trying to sign in to the right account, try recovering your username.

Step 2: Review activity & help secure your hacked Google Account

Review your account activity

  1. Go to your Google Account.
  2. On the left navigation panel, select Security.
  3. On the Recent security events panel, select Review security events.
  4. Check for any suspicious activity:
    • If you find activity that didn't come from you, selectNo, it wasn't me. Then, follow the steps on the screen to help secure your account.
    • If you did the activity, selectYes. If you still believe someone else is using your account, find out if your account has been hacked.

Review which devices use your account

  1. Go to your Google Account.
  2. On the left navigation panel, select Security.
  3. On the Your devices panel, select Manage devices.
  4. Check for any devices you don't recognize.
    • If you find a device that you don't recognize, selectDon't recognize a device? Then, follow the steps on the screen to help secure your account.
    • If you recognize all the devices, but still believe someone else is using your account, find out if your account has been hacked.

Step 3: Take more security steps

Turn on 2-Step Verification

2-Step Verification helps keep hackers out of your account. With 2-Step Verification, you sign in with:

  • Something you know (your password)
  • Something you have (your phone, a security key, or a printed code)

That way, if your password is stolen, your account is still secure.

Contact your bank or local authorities

Make sure someone else didn't give your bank or government instructions, like to open an account or transfer money. This is important if you:

  • Have banking info saved in your account, like credit cards saved in Google Pay or Chrome.
  • Have personal info like tax or passport info saved in your account. For example, you might have personal info saved in Google Photos, Google Drive, or Gmail.
  • Think someone is using your identity or impersonating you.

Remove harmful software

If you think your account has suspicious activity, you might need to remove harmful software. To improve your account's security, install and run trusted anti-virus software.

You can also reset your computer to its factory settings and reinstall the operating system.

Install a more secure browser

Some internet browsers have security weaknesses. Consider using a more secure browser, like Google Chrome.

Help prevent password theft with Password Alert

If you enter your password on a non-Google site, Password Alert on Google Chrome notifies you. That way, you'll know if a site is pretending to be Google to steal your password.

Help secure your apps and devices

  • If access for less secure apps is turned on, we strongly suggest turning it off since it may make your account less secure.
  • Use your device's screen lock option if it has one.

Help secure other Google products you use

  • Gmail: Review these security tips, and remove any labels, filters, or forwarding rules you didn't set up.
  • Chrome: Uninstall extensions you don't recognize, and update Chrome to the latest version.
  • Google Drive: Review your activity and file versions for anything unusual.
  • Google Photos: If you see album sharing you don't recognize, stop sharing the album.
  • Location: Turn off Location Sharing that looks unusual.

Find out if your Google Account has been hacked

If you notice any of these signs, someone else may be using your Google Account.

Important: If you think someone else is signed in to your Google Account, change your password immediately for:

  • Your Google Account, if you didn't change it already
  • Apps and sites:
    • That you use the same password you used for your Google Account
    • That contact you through your Google Account email address
    • Where you sign in with your Google Account email address
    • Where you saved passwords in your Google Account

You can then check for and remove any unfamiliar devices signed in to your account.

Suspicious account activity

Unfamiliar changes to critical security settings

Correct the setting immediately if you see unfamiliar changes to these settings:

  • Your recovery phone number.
  • Your recovery email address.
  • An alternate or contact email address.
  • The name on your Google Account.
  • Your security question.
    • Tip: Additional security questions are no longer available.
  • Apps with access to your account.
  • I f this setting was turned on or off without your knowledge:
    • 2-Step Verification
    • Less secure app access
  • 2-Step Verification methods.
  • Location Sharing.

Unauthorized financial activity

Your financial activity might be suspicious if:

  • On Google Pay
    • You don't recognize purchases: To request a refund, report unauthorized charges.
    • You don't recognize one or more bank accounts, credit cards, debit cards, or gift cards: Remove a payment method you don't recognize
  • On Google Play, you don't recognize purchases: Report unauthorized charges.
  • On Google Chrome, payment info you don't recognize is set up: Delete unfamiliar payment info.
  • On Google Ads, you notice unauthorized charges or ads: Ask the Google Ads team to review your account for unusual activity.
  • On Google AdSense, you notice that payments aren't going to the correct bank account: Check your AdSense payment method.

Unusual activity notifications

Tip: To tell you about suspicious activity, we'll use your recovery phone number and email address.

We'll inform you of unusual activity through:

  • A notification about an unusual sign-in or a new device on your account.
  • A notification that there was a change to your username, password, or other security settings, and you didn't make the change.
  • A notification about some other activity you don't recognize.
  • A red bar at the top of your screen that says, "We've detected suspicious activity in your account."
  • Your "Device activity and security events" page.

Suspicious activity in Google products you use

Gmail

Gmail settings

Gmail activity

Your Gmail activity might be suspicious if:

  • You no longer receive emails.
  • Your friends say they got spam or unusual emails from you.
  • Your username has been changed.
  • Your emails were deleted from your inbox and aren't found in "Trash". You can report missing emails and possibly recover them.
  • You find "Sent Emails" that you didn't write.

YouTube

Your YouTube activity might be suspicious if:

  • Your YouTube channel has videos you didn't upload, comments you didn't make, or unfamiliar changes to your:
    • Channel name
    • Profile photo
    • Descriptions
    • Email settings
    • Sent messages

Google Drive

Google Photos

Blogger

Your Blogger activity might be suspicious if:

  • Posts you didn't publish appear on your blog.
  • You get comments on posts you didn't publish.
  • Your mail-to-Blogger address has changed, but you didn't change it.
  • Your blog disappeared or was blocked.

Google Ads

Your Google Ads activity might be suspicious if you find unfamiliar:

  • Ads that point to unknown links or destinations
  • Increases in your ad spend
  • Changes to account owners, managers, or users

Was this helpful?

How can we improve it?