If you believe your account has been compromised, change your GU password ASAP via the GU password change station.
Reviewing GU Gmail Account Settings
Verify Account Activity
- Log into your GU Gmail account.
- Scroll down to the very bottom of the main pane. You should see “Last account activity” with “details” below that.
- Click on “Details.”
- A new window should pop open. Click on the button “Sign out all other web sessions.” This will sign out all other sessions currently logged into your account.
- Review the recent activity table. Verify that the activities listed are yours.
- Close the window and go back to the Gmail page.
Verify Account Access
- In the top right hand corner, click on the gear button. In the drop down menu, select “Settings.”
- Click on the “Accounts” tab and verify that:
- In the “Send Mail As” Row, verify that your display name and Email address is correctly listed. Additionally, If there is a “Reply-to” address listed, verify that it is correct. If you need to make a change, select “Edit” and a new window should pop open allowing you to change the displayed name and Reply-to address.
- Under the “grant access to your account” section, no unauthorized accounts have been added. If there is an unauthorized account, remove it.
- Click on the “Filters and Blocked Addresses” tab and verify that:
- Filters applied to all incoming mail were created by you. Delete any filters not created by you.
- Review the list of blocked addresses and make sure they were created by you. Delete any blocked address not created by you.
- Click on the “Forwarding and POP/IMAP” tab and verify that:
- In the “Forwarding” section, there are no unauthorized forwarding addresses listed.
- In the “POP download” section, verify that POP is disabled unless you explicitly enabled it.
Verify Security and Connections
- Go back to the “Accounts” tab and click on “Google Account settings” in the “Change account settings” section.
- A new window or tab should open up. Click on “Sign-in & security.”
- In the main pane, scroll down to the “signing in to Google” section. Verify the last changed date.
- Scroll down to the “device activity and notification” section.
- Review the recent security events. Events include, changed password.
- Review the recently used devices and verify that the devices listed are yours.
- Scroll down to the “connected apps & sites” section. Verify that:
- The apps connected to your account are apps you are familiar with. If you are unfamiliar with any app, please remove it.
- You should have no synced passwords.
- Allow less secure apps should be set to “OFF.”