Phishing messages have become a global menace in recent years. Hackers are adept at exploiting our vulnerabilities, and sometimes, a few moments of inattention can lead to falling into their trap. Unsure if the message you've received is legitimate? First and foremost, it's advisable to get acquainted with and bookmark the Scan My SMS website, which can assist you in identifying potential phishing attempts.
But what if you've already clicked on the malicious link and even entered your personal information? Here are the recommendations from the cybersecurity company, ESET:
1. Don't Provide Additional Information: Let's say you've received an email from an online store that raised suspicion, but out of curiosity, you clicked on the link without thinking too much. The link directs you to a website that appears legitimate, but your concerns and suspicions linger. In such a case, it's essential to refrain from divulging additional information: do not enter your login details or provide your bank account information. If all the attackers were after was your existing information and they didn't attempt to infect your device with malware, it's reasonable to assume that you've avoided the danger entirely.
2. Disconnect the Device from the Internet: Some phishing attacks might grant hackers easy access to your computer, phone, or another device. They could infect it with malware, gather information about you and your device, or gain remote control. To minimize the damage, you should act swiftly. Start by disconnecting the compromised device from the internet. If you're using a wired connection on a computer, unplug the network cable. If it's connected via Wi-Fi, turn off Wi-Fi or enable "Airplane Mode" on your smartphone.
3. Back Up Your Data: Disconnecting the device from the internet prevents further data transmission to the malicious server, but it doesn't necessarily mean your data is safe. You need to back up your files, with an emphasis on sensitive or personally valuable documents, like photos and important files. However, be cautious about backing up data immediately after an attack, as it's possible that these files may also be compromised. Instead, make regular and planned backups. In case of an attack, you can restore your data from an external hard drive, USB drive, or cloud storage service.
4. Run a Comprehensive Scan for Threats: Run a thorough malware scan on your device using reliable security software while it's still offline. It's recommended to perform an additional scan afterward, for example, with ESET's free online scanner tools. Download these scan tools directly to your computer or, if possible, from a separate storage device like a USB drive that you can connect to the infected device. Avoid using the device during the scan and follow the instructions if any suspicious files are detected.
If the scan doesn't find any potential threats but you're still concerned, contact your security product provider. If you're not using multi-layered security software that includes protection against phishing attacks, consider getting one.
Remember, taking prompt action is essential in containing the potential damage caused by a phishing attempt.
5. Consider a Full Device Reset: Resetting your device to its manufacturer's settings entails restoring it to its original state by deleting all installed software and files. While some threats might persist on the device even after a full reset, in most cases, erasing the device's memory effectively removes all threats. Remember that resetting to manufacturer settings is irreversible, and it will wipe all data stored on the device. This underscores the vital need for regular backups.
6. Change Your Passwords: Phishing messages may lead you to disclose sensitive data such as ID numbers, bank account details, credit card information, or login credentials for specific websites. Even in cases where you didn't willingly provide this information, it's possible that malware has been installed on your device to track it. If you suspect this is the case—especially if a phishing message requests your access details (username and password) for a specific service—immediately change your login information. This is crucial if you use the same login credentials for multiple accounts, like email, banking, and social media.
7. Contact Banks, Authorities, and Service Providers: If you shared bank account or credit card details or login information for accounts that have access to your credit card, notify your bank immediately. You can block or freeze your card to prevent further fraudulent activity and minimize potential losses. Also, check with your bank (or any other breached payment service) about reimbursement policies in case of fraud.
8. Review Account Activity: Cybercriminals who successfully breach one of your accounts or devices might try to establish their presence for as long as possible. They may change login details, email addresses and phone numbers, or even manipulate your order history on online shopping sites. If, for instance, you spot unauthorized or unverified payments, report them, change your passwords, and request refunds if applicable.
9. Find Unrecognized Devices: If hackers gained access to your account information, it's reasonable to assume they tried to log in from their own devices. Most social media platforms document active logins within privacy settings. Examine these connections and disconnect any unrecognized devices.
10. Inform Friends, Contacts, Service Providers, and Employers: In some cases, cybercriminals will use your compromised account's contact list to distribute phishing links or spam messages. Take steps to prevent others from falling into the same trap. If the cyberattack relates to your work accounts or a device provided by your employer, follow company cybersecurity policies and report the incident immediately to your supervisor and IT department.