DIGITALSECURITYGUIDE If there are any other accounts here that you have not added, those accounts could have had unfettered access to all your mail and contacts - a sneaky intruder may also have checked the "Leave conversation unread…" box, so you wouldn't be able to tell if they'd read something. Reset any unwanted changes here as soon as you spot them. Another place to look is on the "Filters" and "Forwarding and POP/IMAP" tabs to check no-one's set up any rules to forward mail to a third-party address. This is less intrusive than delegated access, but can still leak a lot of stuff to someone who should not have it. Back on the main Account Settings page (that which is reached by clicking the user ID in the top right of any Gmail page and selecting "Account") is the "Account permissions" section. You will find it just under the Password options. This lists all websites and apps which have been granted access to your Google account - these might include things like mail client apps on mobile devices, or Google's own Chrome or Drive services. Some information should be given on what each entry means - look out for things you don't need or recognise. Check Your Filter, Forwarding and POP/IMAP In 2007, a famous designer, David Airey’s Gmail account is hijacked. To make the long story short, the hacking started when the user has its account signed on and he went to visit a bad site. The site added a backdoor to extract information from the Gmail account, and the backdoor is the Filter. Filters can potentially transfer emails as long as the victim has the filter in his account. 18