I Clicked a Phishing Link — What Now?
Don't panic. Follow these steps immediately to limit the damage. Every second counts.
If you entered any passwords, bank details, or personal info on a fake page, act now — don't wait.
🚨 Your 5-Step Emergency Response
Turn off Wi-Fi and mobile data immediately. This stops malware from communicating with the attacker or downloading more payloads. You can still use your device offline to change passwords and check accounts.
If you typed your email, banking, or social media password into a fake page, that password is now compromised. Use a different device (one that did NOT click the link) to change passwords immediately.
1️⃣ Email account — if they get your email, they can reset everything else
2️⃣ Online banking — call your bank's fraud team to freeze the account
3️⃣ Social media — especially if you reuse the same password
4️⃣ Shopping sites — Amazon, PayPal, eBay, any saved card details
5️⃣ Any other site where you used the same password
Turn on two-factor authentication on every account that supports it. Use an authenticator app (Google Authenticator, Microsoft Authenticator, Authy) — not SMS if possible. This blocks the attacker even if they have your password.
The link may have downloaded malware even if you didn't enter anything. Reconnect to the internet, then run a full scan with your antivirus. If you don't have one, use Microsoft Defender (Windows) — it's built in and excellent. On Mac, Malwarebytes is a good free option.
- Windows: Windows Security → Virus & threat protection → Scan options → Full scan
- Mac: Download and run Malwarebytes free edition
- Also check browser extensions for anything suspicious that may have been installed
Over the next 24-48 hours, keep a close eye on:
- Your bank and credit card transactions — check for small test payments
- Your email sent folder — scammers often use your account to send more phishing emails to your contacts
- Your email forwarding rules — check Settings → Forwarding for anything you didn't set up
- Login activity on your accounts — most services show recent login locations under Security settings
- Your credit report — check for new accounts opened in your name in the coming weeks
📋 What to Do If You Already Entered Bank Details
🔍 Quick Check — What Type of Phishing Was It?
| Type | What Happened | Your Risk Level |
|---|---|---|
| Smishing (SMS text) | Fake text pretending to be your bank, DPD, Royal Mail, HMRC, etc. with a link | 🟡 Medium — depends if you entered data |
| Email phishing | Fake email with a link to a login page or attachment | 🟡 Medium-High — check attachments for malware |
| Vishing (phone call) | Fake call pretending to be your bank, tech support, or government | 🔴 High — you gave info verbally, hard to undo |
| Quishing (QR code) | Fake QR code on a poster, parking meter, or email that leads to a phishing page | 🟡 Medium — same risk as clicking a link |
| Spear phishing (targeted) | Personalised attack using your name, employer, or recent activity | 🔴 High — attacker did their homework |
How to Spot a Fake Link Next Time
- 🔍 Hover over links before clicking — the real URL appears in the bottom left of your browser
- 🔤 Check the domain —
amazon-secure-login.comis fake,amazon.co.ukis real - 📧 Read the sender address — not just the display name.
"Your Bank" <[email protected]>is a scam - ⚠️ Urgency is a red flag — "Your account will be closed in 24 hours" is nearly always fake
- 📞 Call them back — if a company contacts you, hang up and call the official number from their website
❓ FAQ
Probably, but not guaranteed. Some phishing links install malware or tracking scripts just by loading the page. Run a full antivirus scan and monitor your accounts for a few days.
Change that password immediately from a different device. If you reuse it anywhere else, change it there too. Enable 2FA. The attacker may have automated scripts that try the password on other sites within seconds.
Gmail: Settings → See all settings → Forwarding and POP/IMAP → Check for any forwarding addresses you didn't set up.
Outlook: Settings → Mail → Forwarding → Check status.
iCloud: Settings → Mail → Forwarding (in Mail app on Mac).
Only if you suspect malware that antivirus can't remove. Factory reset is the nuclear option. Try a full antivirus scan first. If you have any doubts, take it to a reputable repair shop.
Stay safe with CyberAware UK
We expose scams, educate UK families, and provide recovery resources.
This guide is for informational purposes. It does not constitute legal advice. Last updated: July 2026. Sources: NCSC, Action Fraud, National Cyber Security Centre.