For most of us, our email address is the key to our digital castle, providing access to all of our other online profiles and resources. That’s why it’s so important to take precautions with our email accounts.
While Gmail’s built-in security protections are robust, few of us actually make full use of them. In light of the prevalence of hacking, phishing, and other forms of account takeover, I’ve compiled this article to provide you with the most important information you’ll need to keep your account safe. Let’s get going.
Secure Your Gmail Account
Since every Gmail account starts out as a Google account, that’s where we’ll start strengthening security. I’ll assist you in reviewing the required settings to safeguard your account from typical threats. I’ll also demonstrate how to adjust some settings for increased security.
Start by activating two-factor authentication
Two-Factor Authentication (2FA) is an extra layer of account protection that requires a second login secret (something other than a password) in addition to your primary password. That’s why it’s so important to set up and use two-factor authentication on your account. In order to activate it, do the following:
To activate 2-Step Verification, open the “Sign in & security” settings in your browser.
After you click “GET STARTED” on the following screen, Google will ask you to use your phone as the second sign-in step, using the Google Prompt app on your device. You may begin using it right away by selecting “TRY IT NOW,” and if your phone isn’t listed, you can add it by selecting “Don’t see your device?” Select “DON’T USE PROMPT” if you’d rather enter your phone number manually.
If you skipped the prompt and now want to use your phone number for two-step verification, enter it here and hit SEND. Google will send a verification code to your phone. Enter the code when prompted, and the setup is complete.
Create a backup plan
When possible, include recovery information to use in the event that you lose access to a particular piece of data. To do so:
Input or edit a recovery email
To add a new recovery email, go to “Recovery email,” select “ADD RECOVERY EMAIL,” and then enter the desired address. Changing the recovery email can be done by clicking the edit button.
Change or add a recovery phone
To add a new recovery phone number, go to “Recovery phone,” then “ADD RECOVERY PHONE,” then enter the number and go to the next step. Verify your phone number with Google, and it will be added. To make changes, select the pencil (edit) icon and enter the new recovery number.
Remove any unapproved software
When you sign in to an app or website with your Google account, you give it an “indefinite-time pass” that takes effect immediately upon login. That means it can access your account whenever it likes, although it can only see the data and use the features that you’ve given it permission to.
However, you know it’s not a good idea to give a complete stranger your house key. In the same way, it is safer to routinely check your account for unapproved and underused apps and revoke their access. The steps are as follows:
Verify the accessibility of third-party applications
Now you can see all the apps that are linked to your account, or those that have been granted access to your account details. Selecting an app will bring up its data, such as the date it was approved and the permissions it has been granted, and from there you may select “REMOVE ACCESS” to revoke the granted permissions. I propose eliminating any and all potentially harmful, unwanted, or obsolete apps.
Disable insecure programs
The “Allow less secure apps” option is a security bypass that grants access to your account to programs with subpar security. Though it’s best practice to leave this disabled, you may have enabled it so that you may read your email in a desktop client like Microsoft Outlook.
However, this setting should be disabled, and if an insecure app is essential, you may always hunt for an alternative. You can, for instance, start using the offline features of the new Gmail to read, reply to, archive, and delete your emails without an internet connection.
Check Recent Security Occurrences
Google keeps an activity log of your account, which is a good security feature for detecting and tracking potential hacking attempts or illegal accesses. Any unusual activity, such as a new account or change in details, should be reported immediately. Here is how to review this log:
Check the “Recent security occurrences” and “Recently used devices” tabs for any unusual activity, such as a login from an unfamiliar location or device. To take a closer look, select either “REVIEW EVENTS” or “REVIEW DEVICES.”
Fortify Your Gmail Account
After you’ve completed all the necessary steps to secure your Google account, it’s time to turn your attention to Gmail. Since we’re discussing email security here, it’s crucial that you take the time to familiarize yourself with Gmail’s built-in protections.
Verify your Gmail settings
Let’s make sure everything is in order with your Gmail account by checking its settings. While Gmail’s security features are limited, they are sufficient for protecting your inbox. Let’s start configuring your email client now.
To begin, open Gmail’s settings by clicking the gear/cog icon.
Check the following settings:
- Signature: verify that the signature hasn’t been tampered with and that it contains no unrecognized or foreign links.
- Vacation responder: check that it is turned on or off as you set it, and that the message itself is correct.
Accounts and Import tab
Make sure the following are checked in this tab:
- Reply-to-Email As: check that all of the email addresses listed here are legitimate ones.
- Unless these are all your email addresses, you are accessing the inboxes of complete strangers.
- Where access to your account is granted to someone else, make sure no address is listed that you did not add yourself. If one is, change your password immediately to prevent unauthorized access. To remove a delegate, simply click the Delete button next to their name.
Filters and Blocked Addresses tab
Check these items in this tab:
- Email filters: look through the filters that have been set up, and delete any you find questionable.
- Blocked addresses: check whether any important or frequently used email addresses have been accidentally added to the list of blocked senders. If so, remove the block.
POP/IMAP and Forwarding tab
Check the following in this tab:
- Forwarding: check that your emails are not being forwarded to an unauthorized recipient. If you discover an unknown email address, remove it.
- POP: check whether Post Office Protocol (POP) has been activated without your knowledge.
- IMAP: if you are not using IMAP, make sure that it is disabled.
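The same checklist can be run over an exported copy of your settings. The script below is an added example, not part of the original article: it assumes the filter, forwarding, POP, IMAP, delegate and send-as settings were already fetched (for instance through the Gmail API's users.settings resources) into one dictionary whose outer keys are this example's own choice, and it uses a constructed sample with made-up addresses.

```python
# Added example. The outer keys of the snapshot ("filters", "forwarding", ...) are
# an assumption of this sketch; inner field names follow Gmail API users.settings.

def audit_gmail_settings(snapshot, my_addresses):
    """Return (area, detail) findings that need a human look."""
    mine = {a.lower() for a in my_addresses}
    findings = []
    # Filters: forwarding copies mail out; skipping the inbox or trashing hides it.
    for f in snapshot.get("filters", {}).get("filter", []):
        action = f.get("action", {})
        target = action.get("forward")
        if target and target.lower() not in mine:
            findings.append(("filter", f"{f.get('id')} forwards to {target}"))
        if "INBOX" in action.get("removeLabelIds", []) or "TRASH" in action.get("addLabelIds", []):
            findings.append(("filter", f"{f.get('id')} hides matching mail"))
    # Account-wide forwarding to an address that is not yours.
    fwd = snapshot.get("forwarding", {})
    if fwd.get("enabled") and fwd.get("emailAddress", "").lower() not in mine:
        findings.append(("forwarding", f"enabled to {fwd.get('emailAddress')}"))
    # POP and IMAP should be off unless a mail client you use needs them.
    if snapshot.get("pop", {}).get("accessWindow", "disabled") != "disabled":
        findings.append(("pop", "POP access is enabled"))
    if snapshot.get("imap", {}).get("enabled"):
        findings.append(("imap", "IMAP access is enabled"))
    # Every delegate is listed for review; send-as and reply-to should be yours.
    for d in snapshot.get("delegates", {}).get("delegates", []):
        findings.append(("delegate", f"{d.get('delegateEmail')} has access"))
    for s in snapshot.get("sendAs", {}).get("sendAs", []):
        for key in ("sendAsEmail", "replyToAddress"):
            addr = s.get(key, "")
            if addr and addr.lower() not in mine:
                findings.append(("sendAs", f"{key} is {addr}"))
    return findings

# Constructed sample snapshot (not real data).
SAMPLE = {
    "filters": {"filter": [
        {"id": "f1", "criteria": {"from": "bank@example.com"},
         "action": {"forward": "drop@example.net", "removeLabelIds": ["INBOX"]}},
        {"id": "f2", "criteria": {"query": "newsletter"},
         "action": {"addLabelIds": ["Label_1"]}}]},
    "forwarding": {"enabled": False},
    "pop": {"accessWindow": "allMail"},
    "imap": {"enabled": False},
    "delegates": {"delegates": [{"delegateEmail": "assistant@example.org"}]},
    "sendAs": {"sendAs": [{"sendAsEmail": "me@example.com", "isPrimary": True,
                           "replyToAddress": "other@example.net"}]},
}

if __name__ == "__main__":
    for area, detail in audit_gmail_settings(SAMPLE, ["me@example.com"]):
        print(f"[{area}] {detail}")
```

Each finding is a prompt to look at the matching settings tab, not proof of compromise; a delegate or a POP setting you configured yourself will also be listed.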
Delete or block an email address
You can block a sender if you receive an email from them that makes you suspicious and you do not want to continue receiving emails from them. Emails they send in the future will be classified as Spam.
Here are the steps to block an email address:
Open an email from the address you intend to block.
Choose the option that begins with “Block” from the drop-down menu that appears when you click the settings cog in the upper right corner of the message.
Report spam or phishing emails
If you use an email account that many people have access to, such as your work inbox, you may be the target of phishing or spam attempts. Of course, no one enjoys reading spam at work, and if you feel the same way, you can report the emails as spam and Gmail will label them as such going forward.
Follow these instructions to report questionable emails:
Launch Google Mail and open the suspicious email.
To notify Google of a suspicious email, select the gear symbol in the top-right corner and then either “Report phishing” or “Report spam,” depending on the nature of the email.
If you use Gmail, I hope you’ve found these tips on how to keep your inbox safe to be of use. Because an attacker can gain access to your emails if they gain control of your computer or your browsing session, I must also remind you to take care and observe the safety guidelines while using the web.