(Update: Please see followup item on the risk of total data loss and how to avoid it.)
As mentioned yesterday morning, my wife's Gmail account was taken over by what has proven to be a very destructive hacker. The spam message the hacker sent out seemed droll; the consequences turn out to be less amusing. In my nearly 30 years of using electronic communication, this is the most troubling episode I've been involved with.
I'll give more blow-by-blow later on, when we've finished with the situation. For the moment, here are some prophylactic tips that I'd blame myself for not saying sooner, if applying them today protects people who might otherwise have similar problems tomorrow. For more details, I include references to the Official Gmail Blog:
1) If you use Gmail, please strongly consider switching to the two-step authorization system. What I really mean is, "you should switch to the two-step system, and you should do it now."
With this system, you enter your Gmail account with your user name and normal password -- but then you must also enter an additional authorization code, generated in real time and sent to your mobile phone. It's similar to the authorization schemes that some banks and corporations use.
This is more cumbersome than the normal system, but in practice is a lot easier than it sounds. If you're at your normal home computer, you can choose to be prompted for the extra code on that computer only once per 30 days. Even when you don't activate that, if you have your mobile phone with you entering the code adds maybe 5 seconds to the log-in process. (For times when you don't have your mobile phone, there are other work around procedures, explained when you sign up.)