You can be aware of all the latest phishing scams and still fall for one of them. While the realization that you just clicked on some kind of fraudulent link definitely causes panic, there are a few simple steps to minimize the damage and also keep your devices and data safe. Lifehacker
What to do if you entered information on a suspicious site
It seems to go without saying, but it's worth mentioning: don't enter any information in any text fields and don't download anything from a suspicious site. However, if you did enter your information somewhere, you need to change the password on your account. If you use the same password for any other accounts, change those too. Better yet, make them all unique.
If you entered information related to your finances, call your bank's hotline and report the incident. Consider locking up your credit records so no one can open a new account. And check your bank's website for specific advice on what to do next. If you transferred money to a scammer, report the incident to the local police.
Block your credit reports (Transunion, Equifax, Experian and Innovis) and notify the Federal Trade Commission that you have been phished. Especially if you entered your social security number.
How to secure your accounts and devices
Whether you've entered any information or not, here's what you should do after clicking on a phishing link, according to cybersecurity company aNetworks:
- Disconnect your device from the internet to prevent malware from spreading to other devices on the network.
- Back up your device using physical external devices such as USB drives.
- Scan your device for malware. But keep in mind that if you don't already have an antivirus program installed, you may need the help of a professional.
- Change your credentials on all your accounts. And, if possible, enable two-factor authentication.
- Christopher De Gaeta, director of IT services at G/O Media, explained that after you've cleaned up the malware, you can reconnect to the internet to change your passwords and enable multi-factor authentication. Although some may argue that this is not entirely safe. And only cleaning the computer is the true method of security. Consult with a professional or your IT department to determine if cleaning is required before reconnecting.
De Gaeta suggested setting up fraud alerts. Especially if you have passed on any sensitive information. Because whoever has received your data will rarely wait to start using it.
After you take these precautions and the panic subsides, be sure to take some steps to make sure it doesn't happen again. Spend some time researching the different types of scams because there will be another one. Scammers don't take breaks, so you shouldn't either.