5 Steps to Take After Clicking on a Phishing Link (2023)

  • Caregiving Topics
  • |
  • |Articles

Carrie Kerskie,
Griffon Force, LLC

5 Steps to Take After Clicking on a Phishing Link (1)




Phishing scams involve sending deceptive email messages that appear to be from trustworthy sources, such as a person you know or a legitimate organization you do business with. Phishing also occurs via text messages (SMS), which is referred to as SMS phishing or “smishing.” Scammers use this ploy to gain your trust so you will click on a link to a fraudulent website, share private information, or open an attachment on your phone, tablet or computer.

(Video) Steps to take if you accidentally click on a phishing link

What Happens If You Click on a Phishing Link?

Clicking on a phishing link or opening an attachment in one of these messages may install malware, like viruses, spyware or ransomware, on your device. This is all done behind the scenes, so it is undetectable to the average user. Once the malware has been installed, it could harvest your sensitive information, send out more phishing messages to contacts in your address book or provide a cyber-criminal with remote access to your device.

Unfortunately, phishing messages are becoming harder and harder to identify. Since these scams are increasingly sophisticated, there is a high probability either you or someone who uses your devices will fall victim to phishing at some point. For tips on how to protect yourself from these messages, read How to Spot a Phishing Email.

What to Do If You Click on a Phishing Link

If you happen to make the mistake of clicking on a phishing link or downloading a malicious attachment, follow these steps to minimize the repercussions.

  1. Disconnect Your Device

    The first thing you need to do is immediately disconnect the compromised device from the Internet. If you are using a wired connection, the easiest way to do this is to unplug the Internet cable (ethernet cord) from your computer.
    If you are connected through Wi-Fi, locate the Wi-Fi settings on your device and disconnect from the current network. If you cannot locate your Wi-Fi network settings on your device, then go directly to your Wi-Fi router and shut it off.
    This will reduce the risk of malware spreading to other devices on your network, prevent the malware from sending out sensitive information from your device and keep someone from remotely accessing your device.
  2. Back Up Your Files

    Now that you are disconnected from the Internet, you should back up your files. Data can be destroyed or erased in the process of recovering from a phishing attack. If you regularly back up your files using methods like an external hard drive, a USB thumb drive or cloud storage, then you may only need to back up files that have been updated or created since the last backup. Focus on protecting particularly sensitive documents and information as well as irreplaceable files like family photos and videos.
    If you have never copied your files to a backup device or program, I suggest selecting one of the storage methods mentioned above. The cost of external hard drives and thumb drives has fallen considerably over the years, and they can store a significant amount of data.
  3. Scan Your System for Malware

    Whom you choose to carry out this step depends on your level of technological expertise. If you are not very tech savvy, I suggest you take your device to a professional to have it checked for malware. Be sure to ask your friends and family for references. Just because someone says they fix computers or other electronic devices does not mean they know how to identify and safely remove malware.
    If you want to tackle this step yourself, perform a thorough, two-step scan of your system. After you have disconnected your device from the Internet, run a complete scan with your anti-virus program. (Proceed to the next paragraph if you do not have an anti-virus program on your device.) An error message may appear, notifying you that the program could not connect to the Internet. Ignore the message. You can still run the scan without access to the Internet, and you want to avoid reconnecting, which would allow any malware to continue running its course. The scan may take some time to run, so be patient. Do not do anything else on your device during this process. You will be notified when the scan has been completed. Simply follow the program’s instructions to remove or quarantine any suspicious files that are found.
    I recommend running a second scan with a free program called Malwarebytes. Use another device, not the compromised one, to connect to the Internet and download the Malwarebytes program here: https://www.malwarebytes.com/for-home/products. (I have provided the direct link because scammers often create fake websites offering “free downloads” of anti-malware software that are really just more malware in disguise.)
    Download the program to a portable storage device like a thumb drive, and then use it to install the Malwarebytes program on your compromised device. During the installation period, the program may ask you if you want to upgrade to a free trial of the “premium” version. Simply decline and install the free one. Once installed, the program will ask you to update the database. Since you are still disconnected from the Internet, you will not be able to do this. Decline and move to the next step of running a complete scan on your compromised device. The scan may take a long time to run, depending on the size of your hard drive. Be patient and do not do anything else on the device while it is running.
    After this second scan has finished, the program will provide you with the results. Anything suspicious will be marked. Follow the program’s steps to either clean or quarantine these files.
    Please note that some malware may be disguised as legitimate operating files, making it difficult for Malwarebytes and other anti-virus programs to detect. If you are still having issues with your device or want to be certain that your system is clean, it is best to be proactive and take your device to a professional.
  4. Change Your Credentials

    Malware may be used to harvest sensitive information, including online usernames and passwords, credit card numbers, bank account numbers, and other identifying information. If you think you have been tricked into acting on a phishing message, change your online credentials immediately. This applies to all online accounts—email, online banking, social media, shopping accounts, you name it.
    Do not make the mistake of using the same username and password for all your online accounts. This makes it much easier for criminals to steal your credentials, access your personal information and steal your funds.
  5. Set Up a Fraud Alert

    According to the FBI’s most recent annual Internet Crime Report, the American public lost a total of over $54 million to phishing attacks in 2020. To protect yourself, contact one of the major credit bureaus and ask for a free fraud alert to be placed on your credit report. This may seem like overkill, but it is better to be safe than sorry. The three major bureaus are Experian, Equifax and TransUnion. Once you have placed a fraud alert with one of these bureaus, they are required by law to notify the other two on your behalf. This will make it more difficult for fraudsters to open new accounts in your name.

Proceed With Caution

Phishing text messages and emails have become a dangerous yet unavoidable threat in the digital age. Your best protection is to err on the side of caution and use the “delete” button on emails and texts that seem sketchy. Remember, a legitimate organization or business will never ask you to share sensitive, personal information via insecure channels like email, text or pop-up messages. If the message is truly important, the sender will attempt to contact you through verified methods like telephone or snail mail.

Browse Our Free Senior Care Guides

5 Steps to Take After Clicking on a Phishing Link (2)

(Video) What Should I do if I Accidentally Click on a Phishing Link?


EXPERT Carrie Kerskie Griffon Force, LLC

About Carrie Kerskie

Carrie Kerskie, President & CEO of Griffon Force, LLC, is a member of Collier County Identity Theft Task Force. She is a sought-after speaker, trainer and consultant on identity theft, internet safety, fraud and data breach.

Read 6 Comments

Related Articles

(Video) Clicked A Phishing Link? Here’s What Happens And What To Do Now

  • Your Parent Could Be a Victim of Identity Theft and Not Know It
  • Lower Your Risk of Identity Theft With a mySSA Account
  • Robocalls and Fear Tactics Help Scammers Swindle Seniors

Recent Questions

  • Can I stop my father from being able to enter into financial contracts without an expensive guardianship? I have POA.
  • Mom has an online "boyfriend" who wants her bank account info and SHE GAVE IT. What do I do now?
  • Mom was previously scammed out of $12,000 from S.S. I was able to retrieve funds, but now it's impacting Medicaid. What do I do?

Popular Questions

  • My father (80) has dementia and let a 25-year-old gold digger move in with him. What should I do?
  • How can I get mom to stop sending money to mail-in sweepstakes? She refuses to believe they are scams!
  • Did anyone ever worry that there are posters on here that lie?

Related Questions

  • Elderly neighbor has a couple staying with him and has been cleaning out his bank accounts and taking things out. What can I do?
  • My Mom has been scammed, maxed out her credit cards, sent money to other states etc. Any advice?
  • Is it a criminal or civil offense for a NH to use an incoherent patient's insurance to commit Medicare fraud?
  • Credit card fraud by home health agency. Is this elder abuse?

Ask a Question

5 Steps to Take After Clicking on a Phishing Link (3)



I can help you compare
costs & services for FREE!

(Video) 5 Immediate Action Steps if you Clicked on a Phishing Email

Hi! I'm a senior care specialist trained to match you with the care option that is best for you.

  • Get personalized guidance from a dedicated local advisor.
  • Get an easy-to-understand breakdown of services and fees.
  • Our service is 100% free to use - no hidden costs.

Click Here to Call Now


What happens if I click on a phishing link? ›

Clicking through a malicious link embedded in a phishing email can have severe consequences including data theft, account compromise and financial loss. One wrong click can also result in serious reputation damage and significant downtime - or even permanent closure - for businesses.

What are 5 features of phishing? ›

Below are tell-tale signs and characteristics of phishing attacks see by Managed IT Services companies .
  • The email makes unrealistic threats or demands. ...
  • There's a catch. ...
  • Poor spelling and grammar. ...
  • A mismatched or dodgy URL. ...
  • You are asked for sensitive information.

What should you do in a phishing attempt? ›

If you suspect that an email or text message you received is a phishing attempt:
  • Do not open it. ...
  • Delete it immediately to prevent yourself from accidentally opening the message in the future.
  • Do not download any attachments accompanying the message. ...
  • Never click links that appear in the message.

What if I clicked on a phishing link on my iPhone? ›

Report the Incident. If your iPhone's been compromised, you're at a higher risk of credit fraud. While it's unlikely hackers will get access to your credit or bank information if you've only clicked a phishing link, it's best to be safe and report the incident. You can report phishing attacks to any major credit bureau ...

What if I clicked on a phishing link but did not enter details? ›

If you clicked on a phishing link that took you to a spoofed page and did not enter any personal information or credentials, then you should be fine. However, one danger is that scammers usually know whether or not you clicked on the link. So, they may determine you're a good target to continue pursuing.

How can I scan my phone for viruses? ›

To run a virus scan on your Android phone, you'll need to download a mobile security software app . Most phones don't come with one installed. Android is an open-source platform, so there are many options for virus scanners, including McAfee Mobile Security.

How do I scan my phone for malware? ›

You can also use Google Settings to scan your phone for security threats:
  1. Open Apps.
  2. Tap Google Settings.
  3. Tap Security.
  4. Tap Verify apps.
  5. Tap Scan device for security threats.

Can iPhones get viruses? ›

Can iPhones get viruses? Though rare, iPhones can get viruses and other malware, especially if the phone is jailbroken or if the victim is targeted in a high-value spear phishing attack. For normal iPhone users, a malware infection is an unlikely event.

What are 5 ways to detect phishing emails? ›

7 Ways to Spot Phishing Email
  • Emails with Bad Grammar and Spelling Mistakes.
  • Emails with an Unfamiliar Greeting or Salutation.
  • Inconsistencies in Email Addresses, Links & Domain Names.
  • Suspicious Attachments.
  • Emails Requesting Login Credentials, Payment Information or Sensitive Data.
  • Too Good to Be True Emails.

What are the 4 ways to avoid phishing? ›

Four Ways To Protect Yourself From Phishing
  • Protect your computer by using security software. ...
  • Protect your cell phone by setting software to update automatically. ...
  • Protect your accounts by using multi-factor authentication. ...
  • Protect your data by backing it up.

What are the do's and don'ts of phishing? ›

DO keep an eye out for telltale signs of phishing: poor spelling or grammar, the use of threats, or the URL does not match that of the legitimate site. If the message does not feel right, chances are it is not. DON'T click on links embedded in an unsolicited email. DON'T open unexpected email attachments.

Which is the best advice when it comes to spotting phishing? ›

Training is key

Make sure they know what to do if they spot a suspicious email, such as: Don't open the email, click on any links, or download/open any attachments. Report the email to your IT security team. Follow organizational security policies.

Is there a safe way to open a suspicious link? ›

If you don't want to interact with the suspicious webpage and instead just quickly want to see what it is, the easiest and safest way to open the link is probably by using an online screen capturing service for websites (e.g., https://www.screenshotmachine.com or https://screenshot.guru).

Can I scan my iPhone for malware? ›

Due to security restrictions on iOS, it is not possible for any app to scan the system or other apps for malware. Apps are not allowed those kinds of permissions, and for that reason, antivirus software on iOS is not possible.

How do I run a virus scan on my iPhone? ›

Since an iPhone cannot have a true virus there is no way to scan for one. If your iOS version is up-to-date (currently iOS 15.5) and you have not jailbroken your iPhone or side loaded apps you have no risk of malware either.

Can someone hack my iPhone if I click a link? ›

Just like on your computer, your iPhone can be hacked by clicking on a suspicious website or link. If a website looks or feels "off" check the logos, the spelling, or the URL.

Should I reset my phone if I clicked on a phishing link? ›

2. Should I reset my phone if I clicked on a phishing link? Yes, restraining the phone after you have disconnected from the internet and removed all unknown apps is a good idea. After that, scan the device for malware or even set it on automatic scans (if available) to make sure you are protected in the future.

How can you tell if your iPhone is being hacked? ›

Signs your iPhone is hacked
  • Your battery doesn't last as long as it used to. ...
  • You're using more data than usual. ...
  • Your iPhone is acting weird. ...
  • Someone has jailbroken your iPhone. ...
  • Enterprise or Developer apps are installed. ...
  • Background noise or electronic interference.
2 days ago

How do I know if my iPhone has virus? ›

Here's how to check if your iPhone or iPad has a virus
  1. Your iPhone is jailbroken. ...
  2. You're seeing apps you don't recognize. ...
  3. You're being inundated with pop-ups. ...
  4. A spike in cellular data usage. ...
  5. Your iPhone is overheating. ...
  6. The battery is draining faster. ...
  7. Run your iPhone through an antivirus software.

Can someone hack my phone? ›

Phone hacking can happen to all kinds of phones, including Androids and iPhones. Since anyone can be vulnerable to phone hacking, we recommend that all users learn how to identify a compromised device.

How can I tell if there is spyware on my phone? ›

9 Signs You Have Spyware on Your Phone
  • You Use Too Much Data. ...
  • Your Battery Is Draining Fast. ...
  • Your Phone Is Overheating. ...
  • You Hear Weird Sounds During Calls. ...
  • Your Phone Feels Sluggish. ...
  • You Notice Suspicious Changes and Charges. ...
  • Your Phone Shows Signs of Activity When in Stand-By Mode. ...
  • Your Phone Takes a Long Time to Shut Down.
20 Nov 2022

How do I know if my phone is infected with malware? ›

A few signs you've got mobile malware and your device has been compromised include:
  1. Battery draining faster.
  2. Pop-up ads.
  3. Unexplained apps.
  4. A surge in data consumption.
  5. Unexplained charges.
  6. Reduced performance.
1 Oct 2021

What do I dial to see if my phone has been hacked? ›

Use the code *#21# to see if hackers track your phone with malicious intent. You can also use this code to verify if your calls, messages, or other data are being diverted. It also shows your diverted information's status and the number to which the information is transferred.

Does wiping a phone remove malware? ›

The short answer is “yes”! By returning the phone settings to factory model, the reset option automatically deletes viruses and any infected file or program on your device. It's an extreme option and works pretty much every time—except in some very rare cases.

How do I clean out my iPhone? ›

To clean your iPhone, unplug all cables and turn it off. Use a soft, slightly damp, lint-free cloth. Avoid getting moisture in openings. Don't use window cleaners, household cleaners, compressed air, aerosol sprays, solvents, ammonia, or abrasives to clean your iPhone.

How do I clean my iPhone viruses? ›

How to Get Rid of Viruses From an iPhone
  1. Delete Suspicious Apps. Inspect the apps on your phone and ask yourself if any of them seem suspicious. ...
  2. Clear Website Data and Browsing History. It's essential to know how to clear your website data because an iPhone virus can still live in this form of storage. ...
  3. Restart Your iPhone.

How do I empty the cache on my iPhone? ›

How to clear the cache on an iPhone or iPad
  1. Open Settings, scroll down until you find Safari, then select it to open the next menu.
  2. Scroll down and tap 'Clear History and Website Data'.
  3. In the popup, tap 'Clear History and Data' to confirm.
8 Jul 2022

What are the six signs of phishing? ›

10 Most Common Signs of a Phishing Email
  • An Unfamiliar Tone or Greeting. ...
  • Grammar and Spelling Errors. ...
  • Inconsistencies in Email Addresses, Links & Domain Names. ...
  • Threats or a Sense of Urgency. ...
  • Suspicious Attachments.

What are 4 common indications that an email is a phishing attempt? ›

Requests for personal information, generic greetings or lack of greetings, misspellings, unofficial "from" email addresses, unfamiliar webpages, and misleading hyperlinks are the most common indicators of a phishing attack.

What are the 8 types of phishing? ›

8 Types of Phishing Attacks
  • Email Phishing. Email is the most popular phishing medium. ...
  • Spear Phishing. Spear phishing works like common phishing attacks, using communications from a seemingly trusted source to trick victims. ...
  • Vishing and Smishing. ...
  • Clone Phishing. ...
  • Pharming. ...
  • HTTPS Phishing. ...
  • Pop-up Phishing. ...
  • Evil Twin Phishing.

What is a preferred method of phishing? ›

Email attack is the preferred method for many hackers -- a cybercriminal sends an email that attempts to fraudulently acquire the recipient's personal information. A phishing email might include an attachment or a link or request personal information.

What are the 5 types of cyber attacks? ›

Types of Cyber Attacks
  • Malware Attack. This is one of the most common types of cyberattacks. ...
  • Phishing Attack. Phishing attacks are one of the most prominent widespread types of cyberattacks. ...
  • Password Attack. ...
  • Man-in-the-Middle Attack. ...
  • SQL Injection Attack. ...
  • Denial-of-Service Attack. ...
  • Insider Threat. ...
  • Cryptojacking.
11 Nov 2022

What is phishing simple answer? ›

Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message.

What is phishing and give 2 examples? ›

Phishing happens when a victim replies to a fraudulent email that demands urgent action. Examples of requested actions in a phishing email include: Clicking an attachment. Enabling macros in Word document. Updating a password.

What are the 4 steps to verify a link is safe? ›

Here's how to check if a website is safe:
  1. Use a website safety checker. ...
  2. Use your browser's safety tools. ...
  3. Double-check URLs. ...
  4. Check for HTTPS. ...
  5. Look for a privacy policy. ...
  6. Don't blindly trust “trust” badges. ...
  7. Learn the obvious signs that a site is fake. ...
  8. Use “whois” to look up the domain owner.
24 Sept 2021

Can my phone get hacked by opening a link? ›

But it's not the only way attackers can collect your data. Believe it or not, your Android can get hacked by simply tapping on a link or installing a weather forecast app. Viruses can infiltrate your device without you even noticing.

Can you get a virus from just opening a link? ›

Yes, you can get a virus just from visiting a website. These days, it's very easy to be overconfident in our abilities to avoid computer viruses. After all, many of us were told that we simply had to avoid files and programs we didn't recognize. If an email came through that looked fishy, we didn't open them.

Can your phone get hacked after clicking a link? ›

But it's not the only way attackers can collect your data. Believe it or not, your Android can get hacked by simply tapping on a link or installing a weather forecast app. Viruses can infiltrate your device without you even noticing.

Can you be tracked by clicking a link? ›

Tracking whether people click on a link within the email is also relatively straightforward: the email service provider will usually generate a unique URL string (e.g., superduper. email/link17352882737) and forward it to your desired URL. By using a unique link per email subscriber, they can track who clicked what.

How long does a phishing link last? ›

Must-read security coverage

Kaspersky's in-depth analysis of phishing websites found that nearly three quarters of all phishing pages stop showing signs of activity within 30 days.

Can you be infected by clicking a link? ›

Yes, you can get a virus just from visiting a website. These days, it's very easy to be overconfident in our abilities to avoid computer viruses.

How can I clean my phone from viruses? ›

How to remove a virus from an Android phone
  1. Clear your cache and downloads. Open Settings, go to Apps & notifications, and select Chrome. ...
  2. Restart your Android device in safe mode. ...
  3. Find and remove malicious apps. ...
  4. Activate Google Play Protect. ...
  5. Install anti-malware software.
30 Sept 2022

How I know if my phone is hacked? ›

Mysterious apps, calls, or texts appear

A potential telltale sign that your phone has been hacked is the appearance of new apps that you didn't download, along with spikes in data usage that you can't account for. Likewise, if you see calls in your phone bill that you didn't make, that's a warning as well.

What happens if I got phished? ›

While phishing attacks can be dangerous, not all phishing attacks result in identity theft, malware downloads, network intrusions or other personally petrifying, career-ending, and business razing consequences.

How do I know if I've been phished? ›

What are the signs to look out for?
  • Suspicious messages, emails and social posts containing shortened links.
  • Web pages that ask for login credentials.
  • Suspicious emails with uncharacteristic language.
  • Web pages with suspicious or copycat URLs.
11 Oct 2021


1. What To Do If You Accidentally Clicked On A Phishing Link On iPhone 2022
2. Oops! I clicked on Phishing Link
(ManagedTEK - IT Security Services & Monitoring)
3. I Told You NOT To Click The Phishing Link, But You DID! Now What?
(Atomic Shrimp)
4. What To Do After Clicking A Phishing Link ? In Hindi
(Devraj CSE)
5. What Happens If You Click On Phishing Links?
(Loi Liang Yang)
6. Clicking Phishing Scams So You Don't Have To
Top Articles
Latest Posts
Article information

Author: Mr. See Jast

Last Updated: 03/15/2023

Views: 5840

Rating: 4.4 / 5 (75 voted)

Reviews: 90% of readers found this page helpful

Author information

Name: Mr. See Jast

Birthday: 1999-07-30

Address: 8409 Megan Mountain, New Mathew, MT 44997-8193

Phone: +5023589614038

Job: Chief Executive

Hobby: Leather crafting, Flag Football, Candle making, Flying, Poi, Gunsmithing, Swimming

Introduction: My name is Mr. See Jast, I am a open, jolly, gorgeous, courageous, inexpensive, friendly, homely person who loves writing and wants to share my knowledge and understanding with you.