ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

"My Plight" - My Gmail Was Hacked, And I'm Not Alone!

Updated on January 11, 2015

The "With Tears in My Eyes" Scam Email

[9.17.10 8:13 AM] "My Plight": The Gmail hackers got me! They've hijacked my Gmail account, blocked me out, and sent scam emails to all my contacts. The email's subject was "My Plight." It claimed I'd been mugged and needed cash.

The hackers changed my security info, password, and secondary account. They set up a bogus yahoo account which appears as the "reply-to" on scam messages. Ten minutes after the first scam emails went out, I couldn't log in. I fought "Gmail's Account Recovery Form" for days, but I did get my account back... most of it, anyway.

I'm lucky. My Gmail contacts list was wiped, but at least my email wasn't erased. Many victims of this Gmail attack lose all their email, too.

If you've got a Gmail account, read on to learn how to protect it. If your Gmail was hacked, read on for how to recover and re-secure it!

The "My Plight" Email Sent to My Gmail Contacts

They sent it to my secondary account, too

I'm writing this with tears in my eyes,my family and I came down here to London, United Kingdom for a short vacation.unfortunately,we were mugged at the park of the hotel where we stayed,all cash and credit card were stolen off us but luckily for us we still have our passports with us.

We've been to the Embassy and the Police here but they're not helping issues at all and our flight leaves in few hours from now but we're having problems settling the hotel bills and the hotel manager won't let us leave until we settle the bills. Well I really need your financially assistance..Please, let me know if you can help us out?

Am freaked out at the moment!!

[My name].


"I'm supposed to cut back on dangling participles, and I'm not allowed to split any infinitives for at least another week." ~ radio announcer Vin Scully after minor accident

Nice of them to keep my signature about bad grammar while inflicting it on all my friends.

How To Secure Your Gmail

1. Follow the steps here: How to Protect Your Gmail Account.

2. encrypt your Gmail.

3. Follow Google's instructions on how to secure your Gmail.

4. Download your contact list! Also note the date you opened your account.

Other Gmail Hacking Victims - Reports around the Blogosphere...

Wow. Apparently this "tears in my eyes" scam is everywhere. (See also Gmail's Suspicious emails forum, inundated with hacking victims' pleas for help when I last looked.)

Email Safety Tip

Create a secret email address you use only with online banking and/or to access credit card accounts online.

If you post on news sites, blogs, or discussion forums that require an email address, create an "expendable" email address for this purpose. Hackers harvest addresses from these sites.

If You've Had Gmail Hacked

1. Fill out the Gmail Account Recovery form.

2. If and when you get in, follow Google's suggestions for securing your account.

Yes, I Take Security Seriously - And I was still hacked.

I've been using email since 1989, before the internet was even the internet. I have never before fallen afoul of phishing, hacking or malware (knock wood). Many people are blaming the following for this rash of Gmail hacking, but I do not...

  1. Use a weak password. I use alphanumeric passwords written in an invented language and/or several dead languages (inflected).
  2. Use a Smartphone app. I do not have a Smartphone.
  3. Connect to the internet from public computers like libraries and internet cafes, or from public wifi networks. I connect inside my own home.
  4. Access mail through Internet Explorer, Outlook, or a browser with extensions (Many hackers create legitimate-looking extensions that track your activities, infect or snoop on your computer.)
  5. Share a computer. Nope. Just me and the cat.
  6. Use poor computer security. Mac OSX has a pretty strong firewall. My home network is password-protected and encrypted (I ain't saying how), and my ISP provides minimal firewall protection as well.

How Did the Hackers Get In?

I don't know for sure, but this is a big no-no:

I hate having to write down passwords, so once I come up with a really weird one, I keep it. I had actually forgotten this password, I'd had it so long: it was on my computer's keychain!

So CHANGE PASSWORDS OFTEN. (Also, never use the same password for different accounts.)

3 Days and 2 Account Recovery Forms Later

Ack, I do NOT remember the month/day/year I opened my account!

Here's Google's reply to me.

Thank you for your report. We've completed our investigation and cannot

return your account at this time. We were unable to verify that you own

this account based on the information you provided.

If you can provide additional information to verify that you own this

account, please visit and submit

another report. Whether we can return access to this account depends on

the strength and accuracy of your responses, so be sure to provide as much

information as possible. If you're unsure about specific dates or

information, provide your best guess.

To create a new account, please visit

We apologize for any inconvenience and appreciate your cooperation and


FINALLY! I've Gotten My Account Back!

Google's Left Hand, I'd Like To Introduce You to Right Hand

[9.19.10 late afternoon] When I returned to the Account Recovery Options page to fill out the form again, I noticed that my "secondary email" was no longer the hacker's bogus account (partially starred out). It looked like it might be the email I had used for the Account Recovery Form. So I tried it. YES!

I logged in and found my contacts list erased, but NOT my email. I quickly did what Google suggests to secure your account after hacking. And then I downloaded years of Gmail to Apple mail, which is not easy.

Google Is Reacting to Hackers - This is good to see...

Twitter User's Gmail Hacked
Twitter User's Gmail Hacked

I caught this on the Twitter search above. It looks like Google is battening the hatches.

IDEA: Set Up a "Hidden Mastermind" Account

Create an invisible Gmail account to manage your email

Your email address is how people know you, so you have to share it. However, it's also the way YOU log in and organize all your mail and personal data. So here's something I've created as an extra layer of securty (besides downloading all mail offline). I've set up what I call a "Hidden Mastermind" account.

How to Set Up a "Hidden Mastermind"

1. Create an email account with a VERY secure password which you change all the time.

2. Import your mail to the master account.

3. Under "Check Mail," add all your working email accounts that people know you by. So the master will now collate mail from those accounts.

4. Always send email messages from a "known" public address -- one of those people know you by -- and never by the mastermind. In Gmail, you can set a default "Send Mail As," address.

5. Set Gmail to reply with the email address a message was sent to.

6. NEVER use your mastermind address as part of a user profile or login info on any site, from your bank to Facebook (which has so many security holes it's scary).

A "hidden mastermind" account won't stop keylogging, hackers intercepting connections from Smartphones or public access points, or sophisticated Gmail Crackers. But at least it will be invisible to the majority of hackers, who are targeting email addresses they find on website profiles, forums and Facebook.

Google Responds

The rash of hacking over the weekend has reached Google's attention. I confess, one reason I made this page was to help the news go viral so they'd do something. Sorry, Google.

Anyway, Google is now going to unroll optional two-factor authentication. I think this is a good idea, provided it doesn't make it harder to get your account back.

The Bottom Line

You Get What You Pay For

Gmail is a free service. it's got useful features, but it's automated. If anything happens, you won't get much help.

So if you're depending on email for business, I am not sure Gmail is the safest choice. Email with a service provider that offers 24/7 tech support may be better. Look for ISPs and webhosts that include backup and data recovery, just in case a successful hacking attempt erases or screws up your blog, website, or email.

Have you had your Gmail hacked? Did you get your account back, or are you still waiting? Were your contacts and email wiped? Share your story below! And yes, you MAY post anonymously; just no spam or scams, please!

© 2010 Ellen Brundige


This website uses cookies

As a user in the EEA, your approval is needed on a few things. To provide a better website experience, uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at:

Show Details
HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
LoginThis is necessary to sign in to the HubPages Service.
Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
AkismetThis is used to detect comment spam. (Privacy Policy)
HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the or domains, for performance and efficiency reasons. (Privacy Policy)
Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
MavenThis supports the Maven widget and search functionality. (Privacy Policy)
Google AdSenseThis is an ad network. (Privacy Policy)
Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
Index ExchangeThis is an ad network. (Privacy Policy)
SovrnThis is an ad network. (Privacy Policy)
Facebook AdsThis is an ad network. (Privacy Policy)
Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
AppNexusThis is an ad network. (Privacy Policy)
OpenxThis is an ad network. (Privacy Policy)
Rubicon ProjectThis is an ad network. (Privacy Policy)
TripleLiftThis is an ad network. (Privacy Policy)
Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)
ClickscoThis is a data management platform studying reader behavior (Privacy Policy)