What to Do if Clicked on Phishing Email?

It is tempting to reply to the title question by saying, run, go for the hills!” But, instead, I will give sound advice about what to do if you click a phishing hyperlink.

What is Phishing?

To give you some context and explain what phishing actually is, let me start by briefly explaining it. Phishing continues to be a pain in the arse for both the cybersecurity industry and business people, as well as the general public.

It is the most commonly used tool by cybercriminals to:

• Steal personal information
• Steal financial card details
• Login credentials for Steal
• Install malware on your computer
• Install malware on your device/mobile phone

Cybercriminals use phishing emails to spread malware and other malicious links. Clicking this link will initiate the process of infecting your computer with malware or stealing data.

A 2018 survey found that nearly half of the recipients opened the email, and one-third clicked on the phishing link. What can go wrong once the link is clicked? And what can be done to minimize the damage?

Phishing scams are emails that look like they’re coming from trusted sources such as someone you know or an organization you do business. Scammers also use SMS (text message phishing) to scam you into clicking on fraudulent links, sharing private information, opening attachments, or clicking on a link that takes you to a fake website.

You can install malware by clicking on phishing links or opening attachments in these messages. It is hidden from the user so it is not obvious. Once the malware is installed, it can harvest your sensitive data, send more phishing emails to your contacts, or give a cyber-criminal remote access to your device.

Phishing messages are becoming increasingly difficult to spot. These scams are becoming more sophisticated and you, or someone using your device, will likely fall prey to phishing.

You clicked the Phishing Link. Now What?

Phishing links can be used to solicit information from cybercriminals. Clicking a phishing hyperlink usually leads to an action such as being taken directly to a website to enter personal information. Here are some examples of phishing and how to deal with the consequences of clicking a link.

The type of phishing attack that you have been hit with will affect the actions you need to take. If you are unsure and have clicked on a phishing hyperlink:

1. Don’t enter any data
2. Disconnect from the Internet
3. Use an anti-malware/virus software to scan your computer.
4. Change your passwords
5. You should make sure that you have a backup of your files.

Phishing to data

Email phishing link: Phishing emails may include tempting offers or coupons. You may be asked to provide your information to obtain a coupon or similar offer.

This phishing email sends you a malicious link. Clicking it will take you to a website with a form that you need to fill out.

1. The page will redirect you to a fake website. The page will look exactly like a Tesco website if it was a brand email.
2. This page will require you to enter some data. This data could be any of the following:
3. Personal information such as name, address or something similar
4. Financial data such as credit card details

What should I do?

1. Do not enter any data requested
2. As soon as possible, disconnect your computer from the Internet
3. It is possible to feel compelled to “play” with cybercriminals, and even enter your own spoof information. However, it is futile and could lead to you giving them information like your IP address that they can use for further attacks.

Phishing to login details

Email phishing links: Emails that have been branded to appear as an email from a well-known company or account online. You might be told your account was hacked or that you need to update it after suspicious activity.

You will be taken to a login page by clicking the phishing link

1. The login page will look exactly like the brand you used in your email, such as Apple.
2. Your login credentials will be required, such as a username or password.

What should I do?

• Do not enter login credentials. These credentials will be sent immediately to the cybercriminals responsible for the scam, who will use them in order to log into the authentic brand account.

Phishing infections

Email phishing link: Malware infected websites may be found at the end of any link you click.

You will be taken to a fake site by clicking the phishing link

1. The damage could already be done by the time you reach the site. This method was used to infect users’ computers by CryptoLocker and Cryptowall ransomware.
2. The infected code is embedded in the URL that the link links to
3. Your device may be vulnerable if it is not secure (i.e. The malware could exploit a security flaw in your browser or any other software on your computer to install.

What should I do?

1. Your device should be disconnected from the internet immediately. You can do this by either turning off your network connection or unplugging your network cable. This will prevent malware infections.
2. Scan your machine using anti-virus/anti-malware software. Use the full scan mode. During the scan, you should remain disconnected from the Internet.

An important note:

Multi-tasking may be a possibility with Phishing Email Links. They may redirect you to a website in order to steal your personal information, obtain a login credential, and infect your device.

You should be extra cautious:

1. If you are not absolutely certain that the website is legit, don’t enter any login or personal information.
2. Do an anti-malware scan every day and immediately after clicking on suspicious links
3. Secure backups of your files should be kept safe

Protect yourself from the harmful effects of clicking a Phishing link

In addition to the immediate actions mentioned above, you should also consider the following:

1. Check that your software is current and has security patches.
2. Passwords that are difficult to guess should be used
3. Change your password for any accounts that you suspect are involved
4. For multiple accounts, do not use the same password
5. Two-factor authentication is encouraged wherever possible
6. Backup your files frequently to a secure backup device, preferably one that is not connected to your network continuously.

Remember that

Phishing links are not limited to emails. You can also find malicious links that lead to infected devices and stolen data in:

• Text messages via SMS
• Mobile app messages
• Posts on social media
• Google Calendar invites can include phishing links

To try and circumvent the protections we have, phishing campaigns are constantly being developed.

Proceed With Caution Take Care

Phishing emails and text messages has become an unavoidable threat in this digital age. It is best to be cautious and delete any suspicious emails or texts. A legitimate business or organization will never ask for sensitive information via unsecure channels such as email, text, or pop-ups. The sender may attempt to reach you by phone or postal mail if the message is really important.