What should you do if you fall for a phishing scam?

Statistics show that over 30% of phishing emails get opened, with the number of phishing attacks on organizations doubling since 2020. Because scammers are getting more and more sophisticated, it’s easier than ever to fall for one of these schemes. But that also means that anyone who accidentally clicks a link to a phishing website needs to know what to do next.

This article will discuss what you should do if you fall for a phishing scam and click the link, so you can protect your device before any damage can be done.

What is a phishing scam?

Before we get into what actions you should take if you fall for a phishing scam, we should go over what this type of cyberattack entails and what the attacker hopes to achieve. 

Phishing is when a scammer sends an email or a text message (SMS) pretending to be from a well-known, trusted source, such as a governmental organization, an Internet service provider, or a bank. 

One common goal of these scammers is to trick the recipient into clicking a link or opening an attachment within the email. The link or attachment then launches executable code, installing malware onto the victim’s device. 

However, there are phishing scams that do not install malware and instead pressure victims into manually giving up their details over the phone or by submitting them via a fake website. Using these details, the attacker can commit fraud by stealing money directly from the victim or creating new accounts under the victim’s name.

Information that can be stolen by phishing scams can include:

• Log-in credentials, both for personal and business accounts
• Bank details
• Credit card numbers
• Social security numbers
• Personally-identifiable information (PII)

What happens if you click on a phishing link?

If you receive an email that looks suspicious or is from an unfamiliar source, we advise you not to open it,  or if you do, do not click any links or attachments within the email. Unfortunately, many phishing scams are very well designed, and even the most careful of people can sometimes be fooled into believing the email is from a legitimate source.

Let’s walk through what happens if someone accidentally clicks a link within the scam email. 

Clicking a link or opening an attachment runs the risk of your device becoming infected by malware, malicious software that can grant the hacker remote access to your machine, allowing them to steal passwords and download files. This is all done behind the scenes, so the victim has no idea that their device has been compromised.

Here are two examples of how the installation of malware could be achieved:

1. The link within the email could direct the victim to a malicious website that resembles your online banking log-in area or a government website. Using keylogging software (a type of monitoring software that records keystrokes), the attacker can record the login credentials you enter. 
2. Opening an attachment within the email could prompt a background download of malicious software that automatically installs on your device. This can result in various attacks, such as a man-in-the-middle attack, ransomware, or spyware. 

A recommended way to protect yourself from phishing scams is by checking the legitimacy of a URL using a tool like URLVoid or Sucuri SiteCheck. 

How to spot phishing emails

Although many phishing scams can be quite sophisticated, most contain recurring features that make them easier to identify when compared to a genuine email:

• The use of threatening, intimidating language
• A generic greeting and format
• Spelling mistakes and poor grammar
• The URLs are in a different format from that of the legitimate organization
• Reward claims that sound too good to be true from competitions you haven’t entered

Always remember that your bank or any other legitimate organization will never ask you for your personal information via email or text. Therefore, if you receive such correspondence, you should flag it as spam and delete it. 

What to do if you fall for a phishing scam

Knowing what to look out for in terms of spotting potential phishing scams is the first step, but what if you have already clicked on a malicious link? In this section, we will talk you through your options to help minimize the risks.

Disconnect from the Internet

The most critical step after clicking on a potential phishing link is disconnecting your device from the Internet. Do this by disconnecting your Wi-Fi, unplugging the Ethernet cable if it’s a physical connection, or turning off your router. 

This can stop the spread of the malware to other devices on the same network and potentially stop the execution and installation of the malware on your device. 

Perform a backup

Once you have disconnected from the Internet, it is then important to back up your data. This is because a phishing attack can wreak all kinds of havoc on your device, from deleting files to holding important documents for ransom. 

Once offline, create a backup of your valuable documents, photos, and whatever else you do not want to lose. These files can be stored on an external hard drive or a USB flash drive since you are performing the backup without an Internet connection. 

Scan your device for malware

Using the anti-virus software installed on your device, you should perform a full virus and malware scan as soon as you have backed up your important files. The scan will determine if your machine is infected, and once the scan is complete, any malicious files will be listed, giving you the option to delete or quarantine them. 

Change your passwords

If you have any passwords and log-in credentials stored on the device, you should change them immediately. You should also inform your bank or credit card company of a possible breach if you have these details stored on your Internet browser. Your financial institution can help prevent fraudulent activity on your account even if the hacker manages to harvest your passwords and PII. 

As well as your financial details, you should also change your passwords on social media accounts, email, and anything else that could be potentially compromised.

We recommend always using a unique password for each account. Using the same password for multiple accounts or slight variations of the same password can make life very easy for cybercriminals. 

Set up multi- or two-factor authentication (2FA)

Multi or two-factor authentication can also provide an extra layer of security, and this option is usually enabled by default with many accounts that store financial information. If a cybercriminal attempts and fails to log in to an account, this will also ensure you receive a notification informing you of an unknown log-in attempt. 

Clear your browser history

Clear your cache and cookies in your web browser(s) so that the attacker does not have clear visibility of the accounts you use. 

Enable web content filtering

Enable web content filtering within your browser so that any future phishing emails can be identified. Doing so will stop any malicious websites from loading, even if you click the link. 

Report the email 

Once you have followed the above steps and reconnected to the Internet, report the phishing email so your email provider can add it to their blacklist. This will help ensure that any future emails from this sender will not make their way to anyone else’s inbox. 

Stay safe out there

Even though there are many telltale signs that can help you identify a phishing email or text, there are some very sophisticated scams, and even usually cautious Internet users can accidentally click the link.

Fortunately, the steps detailed above can help to minimize the impact of such an attack, ensuring the malware is not installed on your device and the software does not spread to other devices on the network. 

As a best practice, always use a different password for each account, keep multi-factor authentication and web content filtering enabled, and ensure any anti-virus software installed on your device is up to date.