{"id":8453,"date":"2023-09-04T12:00:00","date_gmt":"2023-09-04T09:00:00","guid":{"rendered":"https:\/\/blog.eset.ee\/et\/2023\/09\/04\/getting-off-the-hook-10-steps-to-take-after-clicking-on-a-phishing-link\/"},"modified":"2023-09-04T12:00:00","modified_gmt":"2023-09-04T09:00:00","slug":"getting-off-the-hook-10-steps-to-take-after-clicking-on-a-phishing-link","status":"publish","type":"post","link":"https:\/\/blog.eset.ee\/et\/en\/2023\/09\/04\/getting-off-the-hook-10-steps-to-take-after-clicking-on-a-phishing-link\/","title":{"rendered":"Getting off the hook: 10 steps to take after clicking on a phishing link"},"content":{"rendered":"<p><span lang=\"EN-US\">Spelling mistakes, weird grammar, urgent or threatening language, a lack of context \u2013 all these are common <a href=\"https:\/\/www.welivesecurity.com\/en\/scams\/dear-all-what-are-some-common-subject-lines-in-phishing-emails\/\"><span>giveaways of phishing <\/span><span lang=\"SK\">attacks<\/span><span>.<\/span><\/a><br \/>\n<a href=\"https:\/\/arstechnica.com\/information-technology\/2020\/04\/solved-how-android-backdoor-called-xhelper-survives-factory-resets\/\">Some<\/a> phishing threats are tougher to spot, however, and are indeed a different kettle of fish in that they involve a significant investment of time and meticulous planning from the attackers, who even scrutinize the target\u2019s past communications, which ultimately makes the attack highly convincing and successful.<\/span><\/p>\n<p><span lang=\"EN-US\">One popular tactic used by scammers in large-scale fraudulent campaigns involves exploiting current events. For example, what seemed like an <a href=\"https:\/\/www.welivesecurity.com\/2021\/12\/03\/scammers-exploit-omicron-fears-new-covid19-phishing-campaign\/index.html\"><span>email from the UK\u2019s National Health Service<\/span><\/a> to offer a free COVID-19 test was, in fact, a way to obtain victims\u2019 personal details via a fake form.<span><br \/>\n<\/span><\/span><\/p>\n<p><span lang=\"EN-US\">It takes only moments to fall victim to a scam and not even IT professionals are exempt from this risk. You simply receive a seemingly innocuous email message containing a link you\u2019re told to click on \u2018before it\u2019s too late\u2019. But what if, right after doing so, a sense of unease washes over you and you realize it was all a scam? What are your options? <\/span><\/p>\n<h2><span>So, what should you do now?<\/span><\/h2>\n<p><span lang=\"EN-US\">Here are a few tips for what to do after you\u2019ve taken the bait. <\/span><\/p>\n<ul>\n<li>\n<h2><span lang=\"EN-US\">Do not provide any further information<\/span><\/h2>\n<\/li>\n<\/ul>\n<p>Let\u2019s say you received an email from an online store that raises a few suspicions, but you clicked on the attached link without thinking too much about it or just out of curiosity. The link sends you to a website that looks legitimate, and yet doubts linger in your mind..<\/p>\n<p><span lang=\"EN-US\">The most straightforward approach is to refrain from sharing any additional information \u2013 do not input your credentials or provide your bank account details. If scammers were going only after your data and did not compromise your device with malware, chances are that you\u2019ve just dodged the hook.<\/span><\/p>\n<ul>\n<li><strong><span lang=\"EN-US\">Disconnect your device from the internet<\/span><\/strong><\/li>\n<\/ul>\n<p>Some phishing attacks may cause you to give scammers access to your computer, mobile phone, or another device. They may deploy malware, collect information about you and your device, or gain remote control of the compromised device.<\/p>\n<p><span lang=\"EN-US\">To mitigate the damage, swift action is imperative. Start by disconnecting the compromised device from the internet.<\/span><\/p>\n<p><span lang=\"EN-US\">If you use a PC with a wired connection, simply unplug the internet cable from your computer. If connected through Wi-Fi, turn it off in the device\u2019s settings or turn on the \u2018airplane mode\u2019 feature on your mobile phone. <\/span><\/p>\n<blockquote>\n<p><em><span lang=\"EN-US\">RELATED READING: <a href=\"https:\/\/www.welivesecurity.com\/2020\/02\/03\/would-you-get-hooked-phishing-scam-test-yourself\/\"><span>Would you get hooked by a phishing scam? Test yourself<\/span><\/a><br \/>\n<\/span><\/em><\/p>\n<\/blockquote>\n<ul>\n<li><strong><span lang=\"EN-US\">Back up your data <\/span><\/strong><\/li>\n<\/ul>\n<p>Disconnecting from the internet will prevent more data from being sent to the malicious server, but your data is still in danger. You <a href=\"https:\/\/www.welivesecurity.com\/2023\/03\/31\/world-backup-day-avoiding-data-disaster-forever-topic\/\">should back up your files<\/a>, mainly sensitive documents or those files with high personal value, such as photos and videos.<\/p>\n<p><span lang=\"EN-US\">However, backing up your data after being compromised can be risky, as they may have already been compromised by malware. Chances are that you will back up the malware alongside the photos from your last birthday party. <\/span><\/p>\n<p><span lang=\"EN-US\">Instead, you should back up your files regularly and <\/span><span lang=\"EN-US\">preemptively<span>. If malware hits your device, you can recover your data from an external hard drive, a USB stick, or a cloud storage service.<\/span><\/span><\/p>\n<ul>\n<li><strong><span lang=\"EN-US\">Run a scan for malware and other threats<\/span><\/strong><\/li>\n<\/ul>\n<p>Run a complete scan of your device using antimalware software from a reputable provider, all while the device is still disconnected from the internet.<\/p>\n<p><span lang=\"EN-US\">Ideally, you would also run a second scan, using, for example, <a href=\"https:\/\/www.eset.com\/int\/home\/online-scanner\/?utm_source=welivesecurity.com&amp;utm_medium=referral&amp;utm_campaign=autotagging&amp;utm_content=scams&amp;utm_term=en\">ESET&#8217;s Free Online Scanner<\/a>.<\/span><span lang=\"EN-US\"> Download the scanner either to the computer or possibly to a separate device such as a USB hard drive that you can then insert into the compromised computer and install the software from there. <\/span><\/p>\n<p><span lang=\"EN-US\">Don\u2019t use the device during the scan and wait for the results. If the scanner finds suspicious files, follow the instructions to remove them.<\/span><\/p>\n<p><span lang=\"EN-US\">If the scanning process doesn\u2019t find any potential risk but you still have doubts, contact your security vendor. And if you\u2019re still not using any multilayered, anti-malware software with anti-phishing features, get yourself one! <\/span><\/p>\n<ul>\n<li><strong><span lang=\"EN-US\">Consider a factory reset <\/span><\/strong><\/li>\n<\/ul>\n<p>Factory reset means returning the phone to its original state by removing all installed apps and files. However, some types of malware can persist on your device even after a full reset, but chances are that wiping your mobile device or computer successfully removes any threat. Remember that a factory reset is irreversible and will wipe all data stored locally. The importance of making regular backups cannot be overstated.<\/p>\n<ul>\n<li><strong><span lang=\"EN-US\">Reset your passwords<\/span><\/strong><\/li>\n<\/ul>\n<p>Phishing emails may trick you into divulging your sensitive data such as ID numbers, banking and credit card details, or login credentials. All is fish that comes to a scammer\u2019s net! Even when you don\u2019t provide your details, it is possible that if you have malware installed on your device, it might track them down.<\/p>\n<p><span lang=\"EN-US\">If you think this is the case, mainly if the phishing emails request you to deliver a specific login \u2013 for example, with a <a href=\"https:\/\/www.welivesecurity.com\/2022\/05\/09\/common-linkedin-scams-phishing-attacks-fake-job-offers\/\"><span>LinkedIn-themed scam<\/span><\/a> \u2013 you should immediately change your login credentials, doubly so if you recycle the same password across several accounts such as your email, online banking, and\/or social media.<\/span><\/p>\n<p><span lang=\"EN-US\">These situations highlight the importance of using <a href=\"https:\/\/www.welivesecurity.com\/2021\/10\/19\/recipe-failure-predictably-poor-passwords\/\"><span>unique usernames and passwords<\/span><\/a> for different online services. Using the same credentials across various accounts makes it much easier for attackers to steal your personal data or money. <\/span><\/p>\n<ul>\n<li><strong><span lang=\"EN-US\">Contact banks, authorities and service providers<\/span><\/strong><\/li>\n<\/ul>\n<p><span lang=\"EN-US\">If you entered bank\/credit card details or login details for a website with access to your cards, inform your bank immediately. Your card can be blocked or frozen to prevent future fraud, and you can prevent or minimize any financial loss. Remember to check if your bank (or another compromised payment service) has a refund policy for victims of scams.<\/span><\/p>\n<p><span lang=\"EN-US\">To avoid other people falling for this scam, you should also contact your local authorities. In the US, <\/span><a href=\"https:\/\/consumer.ftc.gov\/articles\/what-know-about-credit-freezes-fraud-alerts\"><span>according to the US Federal Trade Commission.<\/span><\/a><span lang=\"EN-US\"> you can also alert one of the three credit bureaus. <\/span><\/p>\n<blockquote>\n<p><em><span lang=\"EN-US\">RELATED READING: <a href=\"https:\/\/www.welivesecurity.com\/videos\/week-security-tony-anscombe-172\/\"><span>How to spot and avoid a phishing attack <\/span><span lang=\"SK\">\u2013<\/span><span> Week in security with Tony Anscombe<\/span><\/a><br \/>\n<\/span><\/em><\/p>\n<\/blockquote>\n<ul>\n<li><strong><span lang=\"EN-US\">Spot the differences<\/span><\/strong><\/li>\n<\/ul>\n<p>Criminals who successfully break into one of your devices or accounts may try to establish their presence there for as long as possible. <span>They may change your login details, email addresses, phone numbers, or anything that can help them solidify their foothold in your account. <\/span><\/p>\n<p><span lang=\"EN-US\">Review your activity on social media accounts, banking information, and your online shopping order history. If, for example, you spot any payments that feels off, unfamiliar or unauthorized, report it, change your login credentials and ask for a refund.<\/span><\/p>\n<ul>\n<li><strong><span lang=\"EN-US\">Search for unrecognized devices<\/span><\/strong><\/li>\n<\/ul>\n<p>If hackers stole your account details, chances are that they tried to log in from their own device. Most social media platforms keep a record of your current logged-in sessions under the privacy settings. Go check it and force logout for any unknown device.<\/p>\n<ul>\n<li><strong><span lang=\"EN-US\">Notify your friends, contacts, service providers and employer<\/span><\/strong><\/li>\n<\/ul>\n<p><span lang=\"EN-US\">Sometimes scammers use your contact list on a compromised account to spread phishing links or spam. Be mindful of this and take steps to prevent others from falling for the same scam.<\/span><\/p>\n<p><span lang=\"EN-US\">If a cyberattack is related to your work accounts or employer-issued devices, follow your company rules for dealing with cyber-incidents and report the case to your manager and the IT department right away. <\/span><span><span>Major email services such as <a href=\"https:\/\/support.microsoft.com\/en-au\/office\/phishing-and-suspicious-behaviour-0d882ea5-eedc-4bed-aebc-079ffa1105a3#:~:text=In%20the%20message%20list%2C%20select,to%20report%20the%20message%20sender.\">Outlook <\/a>or <a href=\"https:\/\/support.google.com\/mail\/answer\/8253?hl=en\">Gmail <\/a>also offer tools to report phishing emails directly from your inbox.<\/span><\/span><\/p>\n<h2><span>Parting thoughts<\/span><\/h2>\n<p><span>Taking a bait and clicking on a phishing link may make you feel ashamed, and even alarming, but this kind of threat is evermore common. In fact, it happens to <a href=\"https:\/\/www.ic3.gov\/Media\/PDF\/AnnualReport\/2022_IC3Report.pdf\">hundreds of thousands of people every year just in the US<\/a>, and the numbers are rising. If you stay calm and follow the tips above, you\u2019re one step ahead of the threats you could possibly face.<\/span><\/p>\n<blockquote><\/blockquote>\n<p class=\"wls-source\"><a href=\"https:\/\/www.welivesecurity.com\/en\/scams\/getting-off-hook-10-steps-take-clicking-phishing-link\/\" rel=\"nofollow noopener\" target=\"_blank\">Read the full analysis on WeLiveSecurity \u2192<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Phishing emails are a weapon of choice for criminals intent on stealing people\u2019s personal data and planting malware on their devices. The healing process does not end with antivirus scanning.<\/p>\n","protected":false},"author":5,"featured_media":8454,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[147],"tags":[],"class_list":["post-8453","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybercrime"],"acf":[],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/8453","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/comments?post=8453"}],"version-history":[{"count":0,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/posts\/8453\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media\/8454"}],"wp:attachment":[{"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/media?parent=8453"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/categories?post=8453"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.eset.ee\/et\/en\/wp-json\/wp\/v2\/tags?post=8453"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}