
Help! I Clicked on a Phishing Link (What to Do)

Phishing attacks are a common and increasingly sophisticated form of cybercrime.

If you've clicked on a phishing link, act quickly to limit the damage.

Below is a step-by-step guide on what to do next, plus practical steps to reduce the risk of further harm.

Understanding Phishing Attacks

Phishing is a type of cybercrime where attackers pose as legitimate entities to deceive people into revealing sensitive information such as login credentials, credit card numbers, or other personal data.

These attacks can take various forms including email, social media messages, phone calls, and text messages.

The primary goal is to trick the recipient into taking an action that benefits the attacker - such as clicking a malicious link, downloading malware, or providing confidential information.

In 2022, fraudulent emails accounted for nearly 50% of all emails sent, equating to an estimated 3.4 billion spam emails every day, and phishing remains one of the most common forms of cybercrime.

What The Research Shows

Industry research cited by AAG puts fraudulent email at nearly half of all email traffic in 2022, with billions of spam messages sent daily - which is why one mistaken click can escalate quickly (AAG, 2024).

That volume helps explain why attackers still rely on a few familiar methods.

"If someone on your team clicks a suspicious link, the first hour matters. Disconnect the device, avoid entering more details, change exposed credentials, and report the incident - those steps limit how far an attack can spread."

Paul Holland, Founder and CEO, Beyond Encryption (Mailock)

Most attacks still fit a small set of delivery methods.

3 Common Types of Phishing Attacks

Email Phishing

This is the most common form, where attackers send fraudulent emails appearing to be from trusted sources.

These emails often contain links to fake websites designed to steal information.

Vishing (Voice Phishing)

This method uses phone calls to deceive people into providing personal information.

Attackers often pose as representatives from banks, government agencies, or technical support.

Smishing (SMS Phishing)

This approach uses text messages to lure people into clicking malicious links or giving up personal information.

Immediate Actions

If you've clicked on what you believe to be a phishing link - don't panic. Follow these steps straight away:

1. Disconnect Your Device

The first and most crucial step is to disconnect your device from the internet.

This prevents malware from spreading or communicating with a remote server.

2. Do Not Provide Personal Information

If you were directed to a webpage asking for information, do not enter any details. Close the browser window immediately.

3. Scan for Malware

Run a comprehensive malware scan on your device using reputable antivirus software such as Bitdefender, Norton, or Avast.

If you don't already have antivirus software, use a different device to download one and transfer it using a USB stick.

4. Change Your Passwords

If you entered login credentials on the phishing page, change those passwords immediately.

Use strong, unique passwords for each account. The National Cyber Security Centre recommends combining three random words.

Combine three random words to create a password that's long enough and strong enough.

Consider using a password manager to store your credentials securely.

5. Monitor Your Accounts

Check your bank accounts, credit cards, and other financial services regularly for suspicious activity.

Report any unauthorised transactions to your provider straight away. Even if nothing has happened yet, it's wise to inform your bank of the situation so they can watch for issues.

6. Report the Incident

Forward suspicious emails to report@phishing.gov.uk.

You should also report the event to Action Fraud if you:

  • Have lost money or been a victim of fraud due to phishing.
  • Have been hacked or had your personal data compromised.
  • Received a suspicious message claiming to be from an official source.

Preventative Measures

Stopping a risky click is usually simpler than recovering after malware or credential theft. Here's what you can do to stay safe.

Use Security Software

Keep your antivirus software up to date and consider adding tools like anti-phishing filters or secure email solutions for added protection.

Enable Two-Factor Authentication (2FA)

Where available, enable 2FA. This adds a second layer of verification to keep your accounts safer - even if someone gets hold of your password.

What The Research Shows

Two-factor authentication adds a second check at sign-in, so a stolen password on its own is less likely to give an attacker full account access.

Even with 2FA enabled, email remains a common route for phishing attempts.

Be Cautious With Emails

Scrutinise emails before clicking on any links or downloading attachments. Check for red flags such as spelling errors, mismatched URLs, or generic greetings.
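
One way to automate the "mismatched URLs" check on an HTML email body, as an added example that is not part of the original article: it flags links whose visible text shows one web address while the underlying link goes to a different host. The names LinkCollector, host_of and find_mismatched_links and the sample message are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Visible link text that itself looks like a web address (captures the hostname).
URLISH = re.compile(r"^(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})(?:[/:?#].*)?$", re.I)
# Constructed sample body; hostnames use the reserved .example and .test domains.
SAMPLE_EMAIL = """<p>Confirm your details at
<a href="https://mybank.example.account-verify.test/login">https://www.mybank.example/login</a>,
read <a href="https://help.mybank.example/faq">mybank.example</a> or <a href="/contact">contact us</a>.</p>"""

class LinkCollector(HTMLParser):
    """Collect [href, visible text] for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self._open = True
    def handle_data(self, data):
        if self._open:
            self.links[-1][1] += data
    def handle_endtag(self, tag):
        if tag == "a":
            self._open = False

def host_of(url):
    """Normalised hostname of an http(s) URL; "" if absent or the URL is malformed."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower().rstrip(".")
    except ValueError:
        return ""
    return host.removeprefix("www.") if parts.scheme in ("http", "https") else ""

def find_mismatched_links(html_body):
    """Links whose visible text names one host while the href goes to another."""
    parser = LinkCollector()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        shown, actual = URLISH.match(text.strip()), host_of(href)
        if shown and actual:
            shown_host = host_of("http://" + shown.group(1))
            # The same host or a subdomain of it is fine; anything else is a mismatch.
            if actual != shown_host and not actual.endswith("." + shown_host):
                findings.append({"shown": shown_host, "actual": actual, "href": href})
    return findings
```

Calling find_mismatched_links(SAMPLE_EMAIL) reports only the first link: its text shows mybank.example, but the address it opens merely begins with that name and belongs to a different domain.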

Regularly Update Software

Install updates to your operating system, browsers, and apps to benefit from the latest security patches.

Back Up Important Data

Back up your critical data to an external drive or cloud storage. This ensures you don't lose access to your files if malware infects your device.

Educate Yourself and Others

Learn to recognise the common signs of phishing - urgent requests, suspicious links, and unexpected attachments - and share this knowledge with others. The NCSC's Cyber Aware guidance is a useful starting point for everyday security habits.

Stay Vigilant

Clicking a phishing link can be nerve-wracking, but taking immediate and informed actions can help reduce the damage.

By following the steps above, you can protect your personal information and minimise the risk of further harm.


Watch for unusual senders, unexpected attachments, and pressure to act immediately. Pause before you click an unfamiliar link or enter personal details online.

Keep learning about the latest phishing tactics so you can spot the warning signs early.

"Being cautious doesn't mean being paranoid. With phishing, awareness is your best defence."

Sam Kendall, Marketing Manager, Beyond Encryption (Mailock)

Teams that handle sensitive client or customer data by email should also review how messages are sent, opened, and replied to once an incident has been contained.

For regulated teams, it is worth reviewing email controls alongside the personal steps above once an incident has been handled.

 

FAQs

What Should You Do First After Clicking a Phishing Link?

Disconnect if needed, avoid entering more information, scan for malware, and change passwords from a safe device.

How Do Email Phishing, Vishing, and Smishing Differ?

They use different channels: email, voice calls, and SMS, but all try to push people into unsafe actions.

When Should an Incident Be Reported?

Report it when credentials, payment details, business systems, or personal data may have been exposed.

References

The Latest 2024 Phishing Statistics, AAG, 2024

Three Random Words, NCSC

Cyber Aware, NCSC

Action Fraud: National Cyber Crime Reporting Centre, UK Police, 2024

Reviewed by

Sabrina McClune, 01.08.24

Sam Kendall, 01.06.26

This content is for general information only and is not legal advice.

Originally posted on 08 08 24
Last updated on June 5, 2026

Posted by:  Sabrina McClune

Sabrina McClune writes about cybersecurity, data protection, digital identity, and digital transformation for Beyond Encryption, helping regulated sectors understand complex technology and compliance topics with greater clarity.
