Menu
Home 🔍 Search
Live Threat Intel
Been Scammed? Start Here
Lock It Down
Scams & Money
Reviews & Tests
Know Your Stuff
Go Deeper
Careers
About Us
© 2026 CyberAware UK
🔍𝕏📸👍🎧
Menu
Home🔍 Search
Reviews & Tests
Careers
© 2026 CyberAware UK
⚠️

I Clicked a Phishing Link — What Now?

Don't panic. Follow these steps immediately to limit the damage. Every second counts.

⏱ THIS IS YOUR EMERGENCY ACTION PLAN

If you entered any passwords, bank details, or personal info on a fake page, act now — don't wait.

🚨 Your 5-Step Emergency Response

Step 1: Disconnect from the Internet

Turn off Wi-Fi and mobile data immediately. This stops malware from communicating with the attacker or downloading more payloads. You can still use your device offline to change passwords and check accounts.

Step 2: Change Your Passwords (if you entered them)

If you typed your email, banking, or social media password into a fake page, that password is now compromised. Use a different device (one that did NOT click the link) to change passwords immediately.

Priority order:
1️⃣ Email account — if they get your email, they can reset everything else
2️⃣ Online banking — call your bank's fraud team to freeze the account
3️⃣ Social media — especially if you reuse the same password
4️⃣ Shopping sites — Amazon, PayPal, eBay, any saved card details
5️⃣ Any other site where you used the same password
Step 3: Enable 2FA Everywhere

Turn on two-factor authentication on every account that supports it. Use an authenticator app (Google Authenticator, Microsoft Authenticator, Authy) — not SMS if possible. This blocks the attacker even if they have your password.

Step 4: Run a Full Malware Scan

The link may have downloaded malware even if you didn't enter anything. Reconnect to the internet, then run a full scan with your antivirus. If you don't have one, use Microsoft Defender (Windows) — it's built in and excellent. On Mac, Malwarebytes is a good free option.

Scan recommendations:
- Windows: Windows Security → Virus & threat protection → Scan options → Full scan
- Mac: Download and run Malwarebytes free edition
- Also check browser extensions for anything suspicious that may have been installed
Step 5: Check for Unauthorised Activity

Over the next 24-48 hours, keep a close eye on:

  • Your bank and credit card transactions — check for small test payments
  • Your email sent folder — scammers often use your account to send more phishing emails to your contacts
  • Your email forwarding rules — check Settings → Forwarding for anything you didn't set up
  • Login activity on your accounts — most services show recent login locations under Security settings
  • Your credit report — check for new accounts opened in your name in the coming weeks

📋 What to Do If You Already Entered Bank Details

1. Call your bank NOW. Use the number on the back of your card — not any number from the suspicious email or text. Tell them: "I entered my bank details into a phishing page. Please freeze my account and cancel my cards." They will issue new cards and monitor for fraud.
2. Report to Action Fraud. Visit actionfraud.police.uk or call 0300 123 2040. Get a crime reference number — your bank may need it.
3. Forward the phishing email/text to 7726. This free service sends scam messages to your mobile provider for blocking. For emails, forward to [email protected] (NCSC).
4. Monitor your accounts for 3 months. Some scammers wait weeks before using stolen details. Check statements monthly.

🔍 Quick Check — What Type of Phishing Was It?

Type What Happened Your Risk Level
Smishing (SMS text) Fake text pretending to be your bank, DPD, Royal Mail, HMRC, etc. with a link 🟡 Medium — depends if you entered data
Email phishing Fake email with a link to a login page or attachment 🟡 Medium-High — check attachments for malware
Vishing (phone call) Fake call pretending to be your bank, tech support, or government 🔴 High — you gave info verbally, hard to undo
Quishing (QR code) Fake QR code on a poster, parking meter, or email that leads to a phishing page 🟡 Medium — same risk as clicking a link
Spear phishing (targeted) Personalised attack using your name, employer, or recent activity 🔴 High — attacker did their homework
🛡️

How to Spot a Fake Link Next Time

  • 🔍 Hover over links before clicking — the real URL appears in the bottom left of your browser
  • 🔤 Check the domainamazon-secure-login.com is fake, amazon.co.uk is real
  • 📧 Read the sender address — not just the display name. "Your Bank" <[email protected]> is a scam
  • ⚠️ Urgency is a red flag — "Your account will be closed in 24 hours" is nearly always fake
  • 📞 Call them back — if a company contacts you, hang up and call the official number from their website

❓ FAQ

I clicked a link but didn't enter anything. Am I safe?

Probably, but not guaranteed. Some phishing links install malware or tracking scripts just by loading the page. Run a full antivirus scan and monitor your accounts for a few days.

I entered my password but caught it straight away. What do I do?

Change that password immediately from a different device. If you reuse it anywhere else, change it there too. Enable 2FA. The attacker may have automated scripts that try the password on other sites within seconds.

How do I check my email forwarding rules?

Gmail: Settings → See all settings → Forwarding and POP/IMAP → Check for any forwarding addresses you didn't set up.
Outlook: Settings → Mail → Forwarding → Check status.
iCloud: Settings → Mail → Forwarding (in Mail app on Mac).

Should I reset my phone or computer?

Only if you suspect malware that antivirus can't remove. Factory reset is the nuclear option. Try a full antivirus scan first. If you have any doubts, take it to a reputable repair shop.

🛡️

Stay safe with CyberAware UK
We expose scams, educate UK families, and provide recovery resources.

📞 Report to Action Fraud 💰 Recovery Guide 🛡️ Prevention Tips

This guide is for informational purposes. It does not constitute legal advice. Last updated: July 2026. Sources: NCSC, Action Fraud, National Cyber Security Centre.