The dominant smartphone operating system in India Android goes always saying that that Gmail happens to be the most popular mailing service.Now, it is important to safeguard your Gmail account as it is linked to Google services as well like Drive, Photos, Contacts and others. So, if someone manages to steal access to your Gmail account, basically that person has every bit of your personal data in control. Despite knowing this, most people tend to prioritise convenience and not bother to better secure their Google account. So, if you have a Gmail account, here’s what makes it easy cybercriminals to hack into it.

Most Gmail users still do not understand what exactly is phishing

Users are tricked into providing their personal information via web pages or emails that look legitimate, but aren’t. It’s often very difficult for users to identify whether or not it’s a legitimate mail or a phishing attack. Here’s a basic example of phishing, your friend wants control of your Facebook account. He then creates a duplicate Facebook login page (by using any of the free webpage creators) which looks exactly similar to the original Facebook page. Now, he drafts an email with a subject like “Facebook notification” with the body stating “Your mother wants to share your childhood pictures with you on Facebook. Click here to login to your Facebook account and allow her to do so.” Now, thinking that it’s your mother on Facebook, you click on the link to login to your Facebook account. The moment you click on the link, you are redirected to the fake duplicate login page and your login credentials get stolen.

In order to check how good are you at detecting phishing attempts Google has created a quiz. Take this quiz to test your phishing-detection skills and also understand how phishing works.

Without two-factor authentication, it helps phishing attackers to hack your Google account

Two-factor authentication (2FA) is the second layer of protection from password thefts. After using the credentials to login, Google would send you an OTP to confirm the login. The OTP can either be sent via SMS or the Google Authenticator app. This is an added safety net and is extremely helpful against phishing attacks. However, very few tends to use this. According to Google, one in three survey respondents (31 percent) said they do not use 2FA, or don’t know if they are using it or not.

It is important that you turn on 2FA authentication if you haven’t done it already. Set up two-factor authentication for your Google Account by visiting and clicking “Get Started.”

Not using strong passwords or using same passwords make it easy for people to hack your Google account

Do not use the same password for Facebook, Google and your online banking account. Create a unique password for each account. Also, do not keep easy passwords. Always opt for a combination of characters, numbers, upper and lower case letters for your password. Of course, if is difficult to remember passwords of different accounts. You can opt for password manager tools from Google. But it is not advisable to write passwords on a Google Doc sheet or some other cloud document app. Having said that Google suggests that it is okay to write your passwords on a piece of paper and keep it in a safe place, since hijackers are most likely to be online, rather than physically near you.