1) Check Account details, to see if you recognize all of the access points for your accounts.
Go to your gmail Inbox, and go all the way bottom right, and click on Details (you might need to scroll down)
A new window will open.
Check that all activity looks legitimate. From time to time, it might be also wise to select “Sign out of all other web sessions” (especially if you login and forget to logout on public access computers)
2) Check for Suspicious Filters
To access the filters, go to your Gmail inbox, and select the Gear (top right), and select Settings
From the Settings, select Filters
Check to see if you have any strange filters. If you don’t know what filters are, you shouldn't have any!
(your screen should look like the following)
3) Check for Forwarding Rules
To access forwarding, go to your Gmail inbox, and select the Gear (top right), and select the Gear (top right), and select Settings
From the Settings, select Forwarding and POP/IMAP
Check to see if there is Anything Suspicious. Most likely you will have IMAP enabled, but no forwarding rules and/or POP settings
4) Check Contacts
To access your contacts, go to the Gmail Inbox page, select the Gmail Icon under the Google icon, on the top left of the screen
See if your contacts look normal. If your contacts disappeared and/or are suspicious, you can restore them up to 30 days from the past (from More / Restore Contacts)
5) Check Sent Mail
Go to your Sent Mail folder, and look for suspicious emails you never sent.
To access Sent Mail folder, go to your Google gmail page, and select Sent Mail folder
6) Enable two factor Authentication
The most important step of all is to enable security so that your account cannot be compromised in the future. To do this, enable a two factor authentication.
Here is a good starting link on how to do this:
Two factor authentication is just something you know (a password) plus something that you have (for example your cell phone)