What to do if you get Phished

6 February, 2020

Getting phished can happen to anyone. Emails are, after all, part of our daily routines. If you receive a large volume of emails, then it’s even easier for a phishing email to slip through the net. What’s more, phishers know that an eye-catching subject line on an email can reel a reader in. Before they know it, they have opened the email, clicked on the link and fallen prey to the phish. Sound familiar?

[Image: example of a phishing email]

Did you fall hook, line and sinker?

If you think you have fallen for a phishing scam, check that you have definitely been phished before you go into full panic mode. Just because you opened a suspect email or downloaded a PDF or zip file doesn’t mean you have. For you to be phished, you need to unzip the file or click on the link in the email or PDF you opened.

9 Steps to take if you have been phished

Once you have established that you are the victim of a phishing attack, you will need to minimise the potential threat. To do this, follow our 9 step guide.

Step 1. Change your credentials

Maintain your security by updating your credentials, such as your passwords and usernames. Start with the most recently used online accounts and then move on to those that contain the most sensitive information, like bank account details. Be sure to do this from an uncompromised device. We strongly recommend you consider using two-factor authentication as an extra layer of defence.

Step 2. Disconnect the device

This is one of the most important steps if you have been phished. You need to disconnect the infected device from the internet or network. If you have a Wi-Fi connection, go to your menu to turn it off or forget the network. If, on the other hand, it is an Ethernet cable connection, you will need to pull the cable out. It is important you do this to reduce the risk of malware spreading to other devices on your network.

Step 3. Advise someone in authority

Getting phished is embarrassing, but you need to act fast to reduce the spread of infection. If you don’t, you could put your email contacts or company data at greater risk. Speak to either your manager or IT support immediately.

Step 4. Deal with the phishing email

Firstly, flag the offending email; most email programs provide instructions on how to do this. This means that any further emails from the sender will go into your spam/junk folder. Secondly, forward the email to your IT department or IT support. Be sure to include the header information, as this shows where the email came from.
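For IT support staff who receive the forwarded email, the header information mentioned in this step can be checked with a short script. The following Python is an added example, not part of the original article; the sample headers, addresses and the function names `domain` and `triage` are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: headers of a reported phishing email (all values invented).
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])
\tby inbox.recipient.example; Thu, 6 Feb 2020 09:14:03 +0000
Received: from mailer.example.net (unknown [203.0.113.45])
\tby mx.recipient.example; Thu, 6 Feb 2020 09:14:01 +0000
Authentication-Results: mx.recipient.example;
\tspf=fail smtp.mailfrom=mailer.example.net;
\tdkim=none; dmarc=fail header.from=bank.example
From: "Your Bank" <security@bank.example>
Reply-To: helpdesk@webmail.example.org
Subject: Urgent: verify your account

Click the link below.
"""

def domain(value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    addr = parseaddr(value or "")[1]
    return addr.rpartition("@")[2].lower()

def triage(raw):
    """Summarise where a message came from and which header checks look wrong."""
    msg = message_from_string(raw)
    from_dom = domain(msg["From"])
    # Each server prepends its Received line, so the last one is the first hop.
    hops = msg.get_all("Received", [])
    first_hop = " ".join(hops[-1].split()) if hops else ""
    ip = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", first_hop)
    # Verdicts recorded by the receiving server (pass, fail, none, ...).
    auth = " ".join(msg.get_all("Authentication-Results", []))
    verdicts = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth.lower()))
    flags = []
    for name in ("Return-Path", "Reply-To"):
        d = domain(msg[name])
        if d and d != from_dom:
            flags.append(f"{name} domain {d} differs from From domain {from_dom}")
    flags += [f"{k}={v}" for k, v in sorted(verdicts.items()) if v != "pass"]
    return {"from_domain": from_dom, "origin_ip": ip.group(1) if ip else None,
            "hops": len(hops), "verdicts": verdicts, "flags": flags}

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```

Only the Received lines written by your own mail servers can be trusted; anything below them was supplied by the sender and may be forged.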

Step 5. Back up files

We recommend that you do a full backup after you have disconnected from the internet. A phishing attack could easily destroy or delete data. Whether you back up to a hard drive, USB or cloud storage, you need to make sure that your data is safe.

Step 6. Scan your system for Malware

If you have opened an attachment or clicked on a link, then you need to check for an infection. It is common for phishers to embed malicious code that can capture keystrokes or take over computers or networks. To find out if your device has any malicious code, you need to run a scan. Once the scan starts, we advise that you don’t touch your device until it has completed. You will receive notification of any suspicious files found and whether you need to delete or quarantine them. If you feel that this is beyond the level of your expertise, then we recommend you contact your IT department or IT support team.

Step 7. Alert the source

Take the time to alert the business or person who the email came from. They may be unaware of the attack and you could prevent further ones from happening.

Step 8. Get the word out

Send out a company-wide communication to make everyone aware of the phishing scam. Use all forms of communication, such as email, instant messaging or SMS. Consider the different roles of your staff and what form of communication they will respond to quickest, to ensure that no one else falls foul of the scam.

Step 9. Report it

Report the scam to Action Fraud on 0300 123 2040 or use their online reporting tool. You may also need to inform the ICO if there has been a data breach.

Once Phished, twice shy

A phishing attack may prompt you to review your cyber security policy and procedures. We recommend that you do this regularly rather than wait for something to happen! Our experts can help with our range of cyber and website security solutions.
