Phishing attacks are computer attacks that target users with fraudulent links or emails to extort personal data from the user. If you’ve clicked on a phishing link, you may have unknowingly downloaded a virus that can harm you or jeopardize your financial and account safety from afar. For example, a phishing link may contain a keylogger that tracks your keyboard and sends a log of the keystrokes back to the owner, essentially revealing your passwords.
What To Do if You Click on a Phishing Link
Phishing attempts can be serious, so internet users need to know what to do if they’ve been subject to an attack. Here are the steps you need to take.
Step 1: Disconnect From the Internet
Before you do anything else, disconnect your device from the internet.
Remove the ethernet cord if you are using a physical connection. If you are using your device on wi-fi, disconnect from your local connection using your device settings or turn off your router.
This isolates your device and helps to prevent any potential viruses from spreading to other devices on the network. It also makes it impossible for the malware to send any information out or allow anyone to access your device remotely.
Step 2: Back Up and Scan the Device
After disconnecting from the internet, back up your device’s data.
Phishing attacks can install viruses on your device that have the potential to destroy your data. Make sure to back the data up as soon as possible after disconnecting from the internet. Back up all data to a device that can store files without being connected to the internet, like a USB drive.
If you can’t back up everything with your current resources, focus on sensitive data — like payment information, client data and any notes that you have on your financial accounts.
After backing up your files, scan the device using an anti-malware program. Anti-malware software is a computer program that searches your program log for activity similar to that of a remote-controlled virus. It then identifies the programs that are causing the suspicious activity, allowing you to delete the offending programs.
Run your computer’s anti-malware program — many computers now are equipped with free antivirus software — or contact IT if you are on a corporate device. They can help guide you through your company’s unique scanning process.
Step 3: Change Your Username and Password
After you’ve scanned your device and removed any offending programs, you should change your username and password for the account you received the phishing link through. This helps to ensure that any hackers who were able to successfully download malware or viruses to the device no longer have access to the account that was compromised.
If you are unable to change your username — for example, if the account that was compromised was an email account — be sure to turn on two-factor authentication. Two-factor authentication is a special account feature that requires you to connect a third-party account that you also own, like a cell phone number, to access your account.
Whenever you — or a hacker — attempt to log into your account, you won’t be granted access until you can provide a unique one-time code generated and sent to the other account linked to your main account. This way, unless the hacker has access to both accounts, they will not be able to gain access to your information even after entering the right credentials.
It’s a good idea to use two-factor authentication on all accounts that offer it, even if you’ve never clicked on a phishing link or had your accounts hacked in another way, especially for accounts that contain sensitive information, like banking or medical data.
Step 4: Alter Your Online Habits
After removing the hacker’s access to your account, learn from the experience and practice internet safety. Being careful about any links that you click on in the future helps you prevent further instances of compromised safety.
It’s not always easy to spot a phishing link before you’ve clicked, but there are a few things you can look for:
- Check the email address, not the display name — display names are easy to fake.
- Poor spelling and grammar are red flags that the message was sent by a scammer.
- Don’t let threats scare you — scammers use inflammatory language and may claim your accounts are being closed or that you owe money when you don’t.
- Legitimate companies will address you by name. If an email is addressed to “Customer” or something similar, it may be a phishing attempt.
If you’re at all suspicious of a link, don’t click it. If it looks like it might be from a trusted source, but you’re not sure, you can contact the source directly through a phone number listed on its website to ask.
How you respond to a phishing attempt might vary depending on whether you are using a personal or corporate device, but the first thing you should always do — and quickly — is disconnect your device from the internet.
If it’s a work device, contact your business’s tech department to report the potential breach. Many companies have institutional-level firewalls that prevent suspicious programs from being downloaded to company devices, even when authorized by the user.
FAQHere are some quick answers to common questions about clicking on phishing links and what you should do.
- What happens if I clicked a phishing link?
- If you clicked on a phishing link, you may have given malware access to your computer. This malware might be a keylogger that tracks your keystrokes, or it might allow someone to access your device remotely.
- It's very important that you disconnect your device from the internet immediately to minimize the damage.
- What if I clicked on a phishing link but did not enter details?
- Unfortunately, you could still be susceptible to a phishing attempt, even if you didn't enter your personal information. Many phishing attempts also download hacking software to your device without your knowledge or consent. Disconnect the device from the internet and practice regular data leak management steps anytime you click on a phishing link.
- What if I clicked on a phishing link on my iPhone?
- After clicking a phishing link on an iPhone, follow the same steps as you would after clicking a phishing link on your computer. Mobile web safety apps like TotalAV offer convenient antivirus software that can scan the phone and detect any viruses.
Amber Barkley contributed to the reporting for this article.
Our in-house research team and on-site financial experts work together to create content that’s accurate, impartial, and up to date. We fact-check every single statistic, quote and fact using trusted primary resources to make sure the information we provide is correct. You can learn more about GOBankingRates’ processes and standards in our editorial policy.
- Microsoft. "What is phishing?"
- Microsoft. 2022. "The Importance of Two-Factor Authentication."
- AgingCare. "5 Steps to Take After Clicking on a Phishing Link."
- Cybernews. 2023. "Best antivirus apps for iPhone and iPad."
- Boston University Information Services & Technology. "How Firewalls Work."