10 steps to take after clicking a phishing scam

July 26, 2018 by Stephen Moramarco

We all make mistakes. Even clicking on a phishing link can happen to the best of us – sometimes we are in a hurry, or sometimes the phishers are exceptionally clever with their ruse. Whatever the reason, it’s important to be safe and salvage as much of the situation as you can. Here’s a list of steps to follow after clicking on a phishing scam.


The ten steps to protect yourself

  1. Don’t panic! First, make sure that you have been phished. Merely opening a phishing email and reading it will not affect your computer. Nor will accidentally downloading a .zip file that contains malware. It’s only when you unzip the file and then open the document or program inside that you are likely compromised. Knowing the difference can save you from unnecessary stress.
  2. If you believe you have indeed been phished, immediately disconnect the computer or device from the Internet or network. If it’s a desktop or laptop connected via ethernet cable, unplug it. If you are on WiFi, pull up the menu and turn it off or forget the network.
  3. Notify your supervisor if you have one. This is the difficult part, as many people are embarrassed about their mistake and worry they will get in trouble. Don’t be afraid: a company with a good phishing policy should not blame the employee. Additionally, every second you delay can potentially make the problem worse.
  4. Scan your computer for viruses, especially if you opened an attachment. Many phishing emails contain malicious code that can capture keystrokes or take over computers or networks. Microsoft has a free tool, and for Mac there is a free version of Malwarebytes.
  5. Change usernames and passwords. If the phishing email sent you to a phony site and asked you to enter your credentials, it probably captured that info. To be on the safe side, change all user/passwords for important sites like work email, bank accounts and social media.
  6. Forward the email to IT, if you have one. If you work for a large company, there may be a specific email address to send phishing emails. You’ll want to include the header information, which shows where the email was sent from; the easiest way to do so is to drag and drop the phishing email into a new email and send.
  7. Flag the email as phishing. In programs such as Outlook, there are options to flag the email, which sends the info to Microsoft. Check your program’s email instructions for further info.
  8. Forward the email to the Federal Trade Commission at You should also forward to the Anti-Phishing Work Group at Again, include the headers by dragging and dropping the email. If you think your identity has been stolen, go to and follow the instructions.
  9. Alert the business or person the email appeared to be from. This could prevent further attacks, especially if the phishers have hacked into their system and are using their account.
  10. Evaluate the vulnerabilities of your business. Are there others in the company who could make, or have made, similar mistakes? It may be time to implement stronger anti-phishing policies and add real-world simulations to help prevent further breaches.
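
Steps 6 and 8 depend on the report keeping the original header information. The following is an added example, not part of the original article: a Python sketch of what drag-and-drop forwarding does (attaching the original as `message/rfc822`), plus a short header summary for triage. The sample message, addresses and function names are constructed for illustration.

```python
from email import message_from_string, policy
from email.message import EmailMessage

# Constructed sample message for illustration; not a real phishing email.
SAMPLE_EML = """\
Received: from mail.example.net (mail.example.net [203.0.113.7])
\tby mx.corp.example with ESMTP id abc123; Thu, 26 Jul 2018 10:02:11 +0000
Received: from unknown (HELO sender) (198.51.100.23)
\tby mail.example.net with SMTP; Thu, 26 Jul 2018 10:02:09 +0000
From: "IT Support" <support@example.net>
Reply-To: collector@example.org
To: user@corp.example
Subject: Password expires today
Message-ID: <constructed-1@example.net>
Content-Type: text/plain

Please verify your account.
"""

def _addr(header):
    """Return the bare address of an address header, or None if absent."""
    return header.addresses[0].addr_spec if header and header.addresses else None

def summarize_headers(raw):
    """Pull out the fields an IT or abuse desk looks at first."""
    msg = message_from_string(raw, policy=policy.default)
    sender, reply_to = _addr(msg["From"]), _addr(msg["Reply-To"])
    return {
        "from": sender,
        "reply_to": reply_to,
        # Replies going somewhere other than the sender is worth flagging.
        "reply_to_differs": reply_to is not None and reply_to != sender,
        # Received headers are prepended, so the first one is the newest hop.
        "hops": [" ".join(str(h).split()) for h in msg.get_all("Received", [])],
    }

def build_report(raw, reporter, report_mailbox):
    """Wrap the original as a message/rfc822 attachment so headers survive."""
    original = message_from_string(raw, policy=policy.default)
    report = EmailMessage()
    report["From"] = reporter
    report["To"] = report_mailbox  # hypothetical IT or abuse mailbox
    report["Subject"] = "Phishing report: " + str(original["Subject"])
    report.set_content("Suspected phishing email attached with full headers.")
    report.add_attachment(original)
    return report
```

An inline forward usually copies only the visible body and drops the `Received` chain, which is why the attachment form is the one to send.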


How to evaluate your vulnerabilities

To help you with the final step, Infosec has created Infosec IQ, a platform that contains training, simulation and mitigation tools that can be used by businesses of any size. AwareEd includes interactive videos and tests designed to educate employees about phishing scams and how to avoid them; PhishSim allows administrators to test the vigilance of their workforce by sending fake phishing emails and monitoring the results.

Want to try Infosec IQ for free? Open your free account today and prevent an accidental click tomorrow!


Stephen Moramarco

Stephen Moramarco is a freelance writer and consultant who lives in Los Angeles. He has written articles and worked with clients all over the world, including SecureGroup, LMG Security, Konvert Marketing, and Iorad.