Help, I’ve been Phished

Falling victim to a phishing scam can be distressing, but taking immediate action can help mitigate potential damage. Here’s a step-by-step guide on what to do if you think you’ve been phished:

Disconnect and Scan Your Device

Disconnect from the Internet: Immediately disconnect your device from the internet to prevent further data transmission to the attackers.

Run a Full Security Scan: Use your antivirus software to perform a full system scan. If you don’t have antivirus software, consider using a reputable free online scanner.

Change Your Passwords

Change Compromised Passwords: If you entered login credentials on the phishing site, change those passwords immediately. Ensure the new passwords are strong and unique.

Update Passwords for Other Accounts: If you use the same password for multiple accounts, change those as well to prevent attackers from accessing them.

Notify Relevant Parties

Inform Your Company’s IT Department: If this occurred at work, notify your IT or security team immediately so they can take appropriate action.

Contact Affected Companies: If you provided personal information, contact the companies or services affected to inform them of the breach and seek advice.

Report to Authorities: In the UK, you can report phishing attempts to the National Cyber Security Centre (NCSC) at report@phishing.gov.uk.

Monitor Your Accounts

Check Financial Statements: Regularly review your bank and credit card statements for any unauthorised transactions.

Set Up Alerts: Enable account activity alerts on your financial accounts to be notified of any unusual or suspicious activity.

Secure Your Accounts

Review Account Settings: Ensure there are no unauthorized changes to your account settings, such as email forwarding rules or recovery options.

Check Login Activity: Many services provide a log of recent login activity. Review this to check for any unfamiliar logins.

Educate Yourself and Others

Learn About Phishing
Familiarise yourself with common phishing tactics and how to spot them with Aursec’s cyber awareness workshops.

Share Knowledge
Educate friends, family, and colleagues about the risks of phishing and how to protect themselves.

Take Preventative Measures

Install Security Software: Use security software to protect against malware, phishing, and other cyber threats.

Stay Updated: Ensure your operating system and all software are up to date with the latest security patches.