It seems like all over the internet there is advice and tips telling us how to spot a phishing scam. But what if you’ve already clicked the link, followed the instructions, downloaded the attachment!?
Take a deep breath.
Here are some steps you can take right now to help.
I opened an attachment/ downloaded a file:
- Run a full virus scan. Open your antivirus software and run a full scan on your device. Make sure you follow all the instructions and requests your antivirus software asks you to do.
- Tell your IT support/ supervisor.
I’ve given out my bank details:
- Contact your bank and let them know.
I’ve entered my login details onto a website:
- Change your password on all accounts that share that password.
I’m blocked out of my account:
- Go to that company’s official page and find their contact information, or support line or help desk (normally at the very bottom of the homepage) and contact them.
Other Steps to Take:
One of the most important things is to let people know. By letting others know you are preventing them from falling victim to the same phishing scam. Let your supervisor or IT support know; that way they can run additional test to ensure your device is secure. Let your contacts, friends, family and followers (on social media) know so they too can be on the lookout.
Set up 2-factor authentication. This may seem like a faff, but it’s well worth it. It adds an extra layer of security to your accounts. Even if you accidentally gave away your log in details, the scammer won’t be able access your account without the authentication code sent (for example) to your mobile.
If you have lost money due to a phishing scam you need to contact your bank. As well as contacting Action Fraud and reporting it as a crime.