I'm good. It's just that there are have been a few updates to the situation, neither good:
I. I re-contacted Google a while back, looking for potential help from higher-ups. The team that contacted me the second time tried to perform a more thorough check than the first one to determine my ownership of the account. It went wrong, to say the least. They decided to check the logs to confirm the fact that the hacker changed my recovery email & to ultimately confirm that the account was indeed mine. Some people may not know this, but you don't need to create another email to serve as your recovery email, you can just put in a lot of random nonsense and then @gmail.com/Hotmail/whatever.com at the end when you're setting up your account, because Google's "lost your password?" system doesn't require you to log onto the recovery email itself, just to inform the email to the Google bot. The problem was, when I originally created my account, I didn't keyboard mash. My recovery email was structured like this;
- First initial of my name + the rest of the name typed out (example = [email protected])
Which meant that my recovery email could be potentially guessed, even if very unlikely, by someone who had access to my name. The Google team who contacted me the second time around noticed this and said that my knowledge of the original recovery email wasn't conclusive proof, even if it did suggest that I knew some of the account's credentials. What actually troubled me was something else;
II. I am currently using Hotspot Shield, mostly out of fear. In the recent past, when I first joined VBW, I used a combination of Tor + Hotspot Shield whenever I browsed the web due to paranoia of being potentially tracked. I stopped doing this since then, but when I go into...certain websites, I still toggle Hotspot Shield just to be sure. Sometimes I forget to close it when I'm logging onto my email, which triggers Google's "you're logging from another device, please confirm that you're the original owner" thing, and forces me to use my phone number or recovery email to log on and confirm the ownership. The Google team who contacted me checked the logs and noticed relatively recent instances of the account being accessed from different IPs somewhere north of Florida in the United States (the general location of my Hotspot Shield fake IPs). One of those instances was just two days before my account was stolen. In reality those occasional different IP accesses were nothing more than me using Hotspot Shield, but the support team began to suspect the following:
- I was actually the hacker in the story, having managed to receive access to the account by guessing the recovery email due to me knowing the "owner", who changed the recovery email to stop me from logging into his account.
Yes, this actually happened. They didn't outright accuse me of doing so, but they mentioned the possibility and decided that the situation was too "inconclusive" to give me my account back and advised me to either seek help elsewhere or drop the issue. And to make matters worse, I was using Hotspot Shield during my email altercation with them, with the same general IP as in those instances.
II. As a result of the above,
the hacker was alerted by Google of the dispute over the account. He has now finally imposed a time-limit because of the "stunt I pulled". I have three days left. I've contacted some distant family members for help after this but they haven't replied to my WhatsApp messages yet, since this pretty much just happened.
I don't know what else I can do, sadly, but I am maintaining hope this'll be over soon.