
What to Do If You Clicked a Phishing Link

Don't panic — but do act quickly. Here's exactly what to do in the minutes and hours after clicking a suspicious link.

Act fast: The sooner you take action, the less damage can be done. Follow these steps immediately.

Step 1: Disconnect from the Internet (If Malware Is Suspected)

If you think the link may have downloaded malware to your device:

  • Turn off WiFi on your device
  • Unplug your ethernet cable if connected by wire
  • This prevents malware from communicating with remote servers or spreading to other devices

Skip this step if you only visited a fake login page but didn't download anything.

Step 2: Don't Enter Any Information

If the link took you to a page asking for login credentials, payment info, or personal details:

  • Close the page immediately — don't enter anything
  • If you already entered information, proceed to the next steps urgently

Good news: Simply clicking a link usually isn't enough to compromise your accounts. The danger comes from entering information or downloading files.

Step 3: Change Your Passwords

If you entered any credentials on the phishing page, change those passwords immediately:

  1. Go directly to the real website by typing the address manually (don't use links)
  2. Change your password for that account
  3. Change passwords on any other accounts that use the same or similar password
  4. Use strong, unique passwords — consider using a password manager

Priority Accounts to Secure

  • Email — attackers can use this to reset other passwords
  • Banking and financial — protect your money
  • Social media — prevent attackers from impersonating you
  • Work/company accounts — protect your employer and colleagues

Step 4: Enable Two-Factor Authentication

Add an extra layer of security to your important accounts:

  • Use an authenticator app (like Google Authenticator or Authy) rather than SMS when possible
  • Prioritize email, banking, and social media accounts
  • This makes it much harder for attackers to access accounts even with your password

Step 5: Scan for Malware

Run a full security scan on your device:

On Windows

  • Use Windows Security (built-in) to run a full scan
  • Consider running additional scans with Malwarebytes (free version available)

On Mac

  • Macs have built-in protection, but consider using Malwarebytes for Mac for extra safety
  • Check for any unfamiliar applications installed recently

On Mobile

  • iPhone: iOS is generally secure; update to the latest version and remove any suspicious apps
  • Android: Use Google Play Protect and consider a reputable security app

Step 6: Check Your Accounts for Suspicious Activity

Look for signs that your accounts may have been accessed:

  • Check email sent folders for messages you didn't send
  • Review bank and credit card transactions
  • Look for password reset emails you didn't request
  • Check social media for posts or messages you didn't create
  • Review login history (most services show recent logins in settings)

Step 7: Report the Phishing Attack

Help prevent others from falling victim:

  • Report to your email provider — mark as phishing/spam
  • Report to the impersonated company — most have an abuse address of the form abuse@company.com
  • Report to authorities — In the US, report to the FTC at ReportFraud.ftc.gov
  • Forward to us — Send the original email to check@isthismailsafe.com so we can warn others

If Financial Information Was Compromised

Take immediate action:

  • Call your bank immediately using the number on your card (not from the email)
  • Report your card as compromised and request a new one
  • Monitor your accounts closely for the next several months
  • Consider placing a fraud alert or credit freeze with credit bureaus

If You Downloaded a File

Malicious downloads are more serious than just visiting a phishing page:

  1. Don't open the file if you haven't already
  2. Delete the file immediately
  3. Empty your trash/recycle bin
  4. Run a full malware scan
  5. If you opened the file, consider having a professional examine your device

Long-Term Protection

After the immediate crisis is handled, take steps to protect yourself going forward:

  • Use a password manager to create unique passwords for every account
  • Enable 2FA everywhere it's available
  • Keep software updated — updates often include security patches
  • Be more skeptical of unexpected emails, even from known senders
  • Bookmark our service — forward suspicious emails to check@isthismailsafe.com before clicking

Don't Beat Yourself Up

Phishing attacks are sophisticated, and even security professionals sometimes fall for them. What matters is how quickly you respond. By following these steps, you've done everything you can to minimize the damage.

Use this as a learning experience: you'll be more cautious in the future, and now you know exactly what to do if it happens again.

Check before you click

Forward suspicious emails to check@isthismailsafe.com and get an instant security analysis — before it's too late.
