This happened to someone I know: their Gmail account was hacked and used to send spam to everyone in the Gmail address book. The Gmail Help gave useful option settings for preventing the problem. So the rest of us should use the settings before our accounts get hacked.
If your account has been compromised/hacked/stolen you will need to check at least all of the following things:
Settings -> Accounts and Import -> Google Account Settings -> Change Password [pick a new secure password]
Settings -> Accounts and Import -> Google Account Settings -> Change Password Recovery Options [verify secret question, SMS and secondary e-mail address]
Settings -> General -> Signature [make sure nothing as been added]
Settings -> General -> Vacation Responder [make sure it’s disabled and empty]
Settings -> Accounts and Import -> Send Mail As [make sure it is using your correct e-mail address]
Settings -> Filters [no filters that forward or delete e-mail]
Settings -> Forwarding and POP/IMAP -> Forwarding [disabled or correct address]
Settings -> Forwarding and POP/IMAP -> POP Download [disabled]
Settings -> Forwarding and POP/IMAP -> IMAP Access [disabled]
The purpose of the above is to undo any changes a hacker may have done THIS time. They often make a number of changes to accounts which create problems if you don’t undo them.
Scan your computer for malware.
Switched to using https by default.
Additional InformationKeeping account secure: https://mail.google.com/support/bin/answer.py?hl=en&answer=46526
Protecting your account: https://mail.google.com/support/bin/answer.py?hl=en&answer=29407
If your account is compromised: http://mail.google.com/support/bin/answer.py?hl=en&answer=50270
How does it happen?
* Accounts left open in public places (even at work).
* Browser login/password auto-fill enabled on a computer others have access to.
* Hacks from other less secure sites (like Facebook).
* Keyloggers and malware.
* Network (especially wireless) breaches.
* A lucky password guess.
Someone else said:
Gmail should block IP addresses from accessing the accounts that are not within the account owner’s own geographical area. They could add a setting wherein international travelers could bypass that. It should be obvious that when a Chinese IP address (or Russian or Korean IP) gets into an account, it is up to no good.