Although it is tempting to answer the title question with “run, run for the hills!”, I will instead try to give you some sound advice on what to do if you find yourself having clicked a phishing link.
Wait, But What is Phishing?
Before starting, and just to add some context, I’ll go over what phishing is all about. Phishing is still the proverbial pain in the butt for the cybersecurity industry, business folks, and for the general public in equal measure.
How does phishing work?
It is THE most used tool by the cybercriminal community to:
- Steal personal data
- Steal financial card details
- Steal login credentials
- Install malware onto your computer
- Install malware onto your mobile phone/device
One of the techniques used by cybercriminals to facilitate all of the above is to include a malicious link in a phishing email. This link, if clicked, begins the process to steal data or infect your device with malware.
In a 2018 survey of over 700,000 phishing emails, nearly half of recipients opened the email and about one-third clicked the phishing link in the email. Once that link is clicked, just what can go wrong and what can you do to reduce the damage?
You Clicked the Phishing Link, So What Now?
Phishing links are used to do the bidding of a cybercriminal; clicking a phishing link usually results in some action, such as being taken to a website and asked to do something like entering personal information. Below are typical phishing processes and how to manage the fall-out from clicking a link.
As you’ll find out below, the actions you’ll need to take depend a little on the type of phishing attack you’ve been hit by. Generally, if you’re not sure and you’ve clicked on a phishing link:
- Do not enter any data
- Disconnect from the internet
- Scan your machine using antivirus/anti-malware software – do a full scan
- Change your passwords
- Make sure you’ve backed up files somewhere safe
Phishing for Data
Type of email phishing link: Phishing emails often have enticing offers or vouchers associated with them. They may also ask you to give your details to apply for a voucher or offer or similar.
Clicking the malicious link in this type of phishing email takes you to a web page with a form to complete:
- You’ll be directed to a spoof webpage. If it was a branded email, for example, the email looked like it was from Tesco, the page will look just like a Tesco webpage.
- This webpage will ask you to input some data. This data could include any or all of the following:
  - Personal details such as name, address, or similar
  - Financial data, such as credit card details
What to do:
- DO NOT enter any of the data requested
- Disconnect your computer from the Internet as quickly as possible
- You may have an urge to ‘play’ with the cybercriminals and enter your own spoof data; don’t engage with them. It is pointless and may give them information such as your IP address, which they can use to carry out further attacks.
Phishing for Login Details
Type of email phishing link: Emails that are branded to look like they come from a well-known company with which you have an online account. They may say that your account has been hacked, or that you need to update the account after suspicious activity – anything to get you to click the link.
The phishing link takes you to a login page:
- You will be directed to a login page that looks exactly like the well-known brand from the email, for example, Apple.
- You will be requested to enter your login credentials, e.g., a username and password
What to do:
- DO NOT enter any login credentials. They will be immediately sent to the cybercriminals behind the scam who will use them to log in to the real brand account.
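As an added example (not code from the original article), the following Python script applies the tells described in the data and login sections above to the links inside an email body before anyone clicks them: it extracts each link, then flags link text that shows one domain while the href goes to another, a brand name such as Tesco or Apple on a host that is not the brand's own domain, plain http, and a raw IP address as the host. The KNOWN_BRANDS list and the SAMPLE_EMAIL body are constructed for the example, and the two-label registrable_domain helper is an assumption standing in for a proper public-suffix lookup.

```python
"""Flag the phishing tells in an email's links before anyone clicks them.

Added example for this article (not the article's own code). The brand list
and the sample email are constructed for the example.
"""
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed mapping of brand name -> legitimate registrable domains. Constructed
# for this example; a real deployment would maintain this list properly.
KNOWN_BRANDS = {
    "tesco": {"tesco.com"},
    "apple": {"apple.com", "icloud.com"},
}

# Constructed sample email body: one spoofed Apple login link, one Tesco
# "voucher" link on a raw IP (TEST-NET-1 range), and one genuine Tesco link.
SAMPLE_EMAIL = """
<p>Your Apple ID has been locked after suspicious activity.</p>
<a href="http://apple.verify-account-login.example/signin">https://appleid.apple.com</a>
<p>Claim your Tesco voucher:</p>
<a href="https://192.0.2.10/tesco/voucher">Claim £50 voucher</a>
<p>Contact us:</p>
<a href="https://www.tesco.com/help">www.tesco.com</a>
"""


class _LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs from <a> tags in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def extract_links(html):
    parser = _LinkCollector()
    parser.feed(html)
    return parser.links


def registrable_domain(host):
    """Last two DNS labels; a crude stand-in for a public-suffix lookup (assumption)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def is_ip_address(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def analyse_link(href, text):
    """Return the reasons a link looks like a phishing link ([] if nothing found)."""
    parsed = urlparse(href)
    if parsed.scheme not in ("http", "https"):
        return []  # mailto: and similar are out of scope here
    host = parsed.hostname or ""
    reasons = []
    if parsed.scheme == "http":
        reasons.append("unencrypted http")
    if is_ip_address(host):
        reasons.append(f"raw IP address as host: {host}")
    # Visible text that looks like a domain or URL while the href goes elsewhere.
    shown = re.search(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,})", text.lower())
    if shown and registrable_domain(shown.group(1)) != registrable_domain(host):
        reasons.append(f"text shows {shown.group(1)} but link goes to {host}")
    # A brand name in the link or its text while the host is not the brand's domain.
    for brand, domains in KNOWN_BRANDS.items():
        if registrable_domain(host) in domains:
            continue
        if brand in href.lower() or brand in text.lower():
            reasons.append(f"mentions {brand} but host is {host}")
    return reasons


def suspicious_links(html):
    """All links in the email that raised at least one reason, in document order."""
    flagged = []
    for href, text in extract_links(html):
        reasons = analyse_link(href, text)
        if reasons:
            flagged.append((href, reasons))
    return flagged


if __name__ == "__main__":
    for link, why in suspicious_links(SAMPLE_EMAIL):
        print(link)
        for reason in why:
            print("  -", reason)
```

Run against the sample, the spoofed Apple link is flagged three times (plain http, displayed domain differs from the real host, brand name on a foreign host) and the voucher link twice (raw IP, brand name on a foreign host), while the genuine www.tesco.com link passes. The brand check is deliberately broad: a legitimate tesco.com page whose path happens to mention another brand would also be flagged, which is the right trade-off for a pre-click warning.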
Phishing to Install Malware
Type of email phishing link: A malware-infected website can be at the end of a link you click.
The phishing link takes you to a spoof site:
- By the time you get to the site, the damage may already be done. Ransomware such as CryptoLocker and CryptoWall, as well as other malware types, has used this method to infect users’ devices.
- The URL the link connects to hosts the malicious code
- If your device is vulnerable (i.e. there is a security vulnerability in the browser or other software on your machine), the malware can exploit it and install itself.
What to do:
- Disconnect your device from the internet immediately, either by switching off the network connection on your device or by unplugging the network cable. This will help to contain any malware infection.
- Scan your machine using anti-virus/anti-malware software. Use the full-scan mode. Remain disconnected from the internet during the scan.
An important note:
Phishing email links may be multi-tasking. That is, they may take you to a website that tricks you into revealing personal data, collects a login credential AND infects your device.
To be extra careful, you should:
- NEVER enter any personal data or login details to a website unless you are ABSOLUTELY sure it is legitimate
- Run an anti-malware scan regularly and immediately after clicking a suspicious link
- Keep secure backups of your files in a safe place
Important Ways to Protect Yourself from the Impact of Clicking a Phishing Link
As well as the immediate responses suggested above, you should also do the following:
- Make sure the software on your computer is up to date and security patches are installed
- Use hard-to-guess passwords
- Change your password on any accounts you think are involved
- Do not use the same password for multiple accounts
- Use two-factor authentication wherever it is supported
- Back up your files regularly to a secure backup device (ideally one which is not continuously connected to your network)
Also, remember that:
Phishing links don’t just come in emails. Malicious links that lead to stolen data and infected devices also can be found in:
- SMS text messages
- Mobile app messages
- Social media posts
- Even Google calendar invites can contain phishing links
Phishing campaigns are forever being updated to try to get around the measures we use to protect ourselves. However, if you stay cybersecurity-aware, you stand a better chance of staying cyber-safe.