In the past two weeks, we have included informative articles about how to identify email phishing scams and how to protect yourself against them. Today, we'll cover tips on what to do if you think you've been phished.
Don't click and don't forward it to colleagues. If a questionable email is in your inbox, don't open any attachments in it, don't click any hyperlinks in it, and refrain from forwarding it to anyone else so that you don't expose them to the risk of being phished. Instead, contact your IT personnel and let them know of the email. They'll be able to assess if it is a phishing attempt and communicate the results with the rest of the organization to help protect others who may be targetted.
Put your security software into action. If you think you clicked on a link or attachment that contains harmful software, you should run a full system security scan of your computer right away. An immediate scan may prevent the threat from spreading. You should also ensure that your security software is up to date. As we covered last week, software updates include performance and security improvements. The phishing email may have gotten into your inbox because you're not using the latest version of the security software. Make sure to make all updates as soon as possible to prevent phishing threats.
Change your passwords. If you think scammers have your personal information, you should change all of your passwords and potentially your credit card information, your bank account number, and much more depending on the level of threat. To know what steps to take, you can visit this website in the US or this one in Canada.
Report it. By reporting the phishing attempt, you're helping authorities fight against future threats. If you're in the US, you can file a complaint with the Federal Trade Commission. If you're in Canada, your complaint should be made with the Canadian Anti-Fraud Centre.
We hope this three-part series of articles on phishing scams have helped you be a little more informed and a lot safer!