Google Confirms Accounts Are Being Hacked — How To Recover Yours

Update, August 4, 2025: This story, originally published on August 3, has been updated with a new report regarding phishing and credential theft trends as Google confirms account hacking spike and issues guidance for attack recovery to impacted users.

Google has confirmed that there has been a massive spike in the number of attacks against Google users, specifically password-stealing threats delivered by email, which increased by 84% last year — a worrying trend, Google said, that has “only intensified in 2025.” If you need proof of the danger of these infostealer attacks, I could point you to any number of reports, but to be honest, you’ve probably already read them. Far better, then, to point you instead at the advice that Google has issued regarding how to recover your account if it gets hacked.

Help — My Google Account Has Been Hacked

Take a quick peek at the Google online support forums, both official and those on Reddit, and you will soon realize that there is a constant stream of messages from people asking for help to access their hacked accounts.

The July 29 announcement by Google’s senior director of product management, Andy Wen, confirmed the extent to which this is an issue. “Attackers are intensifying their phishing and credential theft methods, which drive 37% of successful intrusions,” Wen warned. Wen also noted that Google has observed an “exponential rise in cookie and authentication token theft” as a method hackers use to compromise accounts.

I have covered the steps to take in order to mitigate these attacks in various articles here at Forbes.com, and I suggest you go check them out. But what if the worst happens and you fall victim to a Google account hacker and find yourself locked out of accessing your precious account? The account that, among other things, opens the sensitive data vault that is your Gmail inbox. Don’t panic, Google has got you covered.

If your Google account has been hacked, or you find yourself locked out for whatever reason, there’s a helpful official online guide to recovering access in just a few simple steps.

  • Point your web browser at g.co/recover and enter your Gmail address. Be sure to use a computer or phone that you’ve used to sign into your account before, and use your usual browser at a location you usually sign in from.
  • Answer the questions Google asks to the best of your ability. If you can’t remember your password, use a previous one that you can or “take your best guess,” as Google suggests.
  • You may be sent a security code to your recovery email or phone, authenticator app or a direct prompt on your device. Note, however, that “Google never asks for your password or verification codes over email, phone call, or message.” Any such request will be from a hacker.
  • Reset your password when prompted.

New Cisco Talos Report Adds Weight To Google Credential-Harvesting Warnings

Phishing has remained the prominent method of initial access for hackers, Lexi DiScola, an information security analyst with the Cisco Talos Intelligence Group, warned in a summary of the latest intelligence analysis report from Cisco Talos. And most of these phishing attacks involved credential harvesting, which adds weight to the warnings from Google about password-stealing threats to users. “The objective of the majority of observed phishing attacks appeared to be credential harvesting,” DiScola said, “suggesting cybercriminals may consider brokering compromised credentials as simpler and more reliably profitable than other post-exploitation activities, such as engineering a financial payout or stealing proprietary data.”

The use of legitimate and trusted email accounts is a primary aim of attackers, enabling them to potentially bypass “an organization’s security controls as well as appearing more trustworthy to the recipient,” DiScola warned. In one case cited in the report, victims were directed to a fake Microsoft Office 365 login page requiring a fake 2FA input, “likely so the attacker could steal users’ credentials and session tokens.” All users, not just those of the Google platform, need to be alert to the risk.
