Phished – now what?

What To Do if You’ve Been Phished

By now, all of us should have at least some basic exposure to the concept of “phishing.” We know that there are malicious actors out there sending email that impersonates someone or some company we know, in order to get us to hand over our personal information, to infect our devices with some sort of malware, or both. We know we should be careful: we should not click on suspicious links, and we should watch for the telltale signs that an email is fraudulent (PSMail detailed a few specific things to look for in an article a couple of months ago).

But what if…? What if, despite your diligence, you find that you’ve been fooled? You click on that link, or hit “send” on that account information, and realize only belatedly that all was not as you thought. You’ve been phished.

What do you do then?

Well, there are several things, and I’ll warn you up front that it’s going to be a hassle. The threat of this inconvenience should be all the more encouragement to take the preventative steps we’ve detailed before, like backing up your data, installing antivirus software, and cultivating a sense of caution. Even the most tech-savvy person occasionally makes mistakes, though, so it is occasionally necessary to move into “recovery” mode and limit the damage once you’ve fallen for the ruse.

So here’s what you should do when you discover you’ve been phished:

  1. Disconnect from the Internet: Going offline cuts off the attacker’s access to your device and keeps any malware from taking over your email account and sending itself on to your contacts.
  2. Change Passwords: For whatever account has been compromised (did you give away your bank account details thinking you were communicating with your bank? your health insurance login? your Facebook password?), immediately change the password, and do it from another device, since the compromised one may still be capturing what you type. This cuts off the attacker’s continued access. Also, if there are other accounts for which you used the same password (which you should never do), change those as well.
  3. Contact Credit Agencies: Consider placing a fraud alert or even a freeze on your credit to prevent the attacker from opening new lines of credit in your name.
  4. Run Antivirus: Scan your device with up-to-date antivirus software.
  5. Contact Whoever Was Spoofed: In other words, the person or entity the attacker was impersonating. Perhaps the malicious message seemed to come from your boss, your mother, or your bank; wherever it appeared to come from, they’ll want to know so they can address the issue from their side.
  6. Watch: Watch your accounts for signs of strange activity. If you see purchases you didn’t authorize or anything else out of the ordinary, chances are the attacker is behind it. Follow up immediately with the organization involved (credit card companies, for example, will not hold you responsible for fraudulent charges as long as you contact them within a reasonable amount of time).
  7. If Necessary, Go to the Backup: Hopefully, you regularly back up all your critical data to an external hard drive or via the backup system provided by your operating system. If your device has been compromised beyond a simple fix, you can restore from these backups and start fresh. More on backing up your device can be found here.

Another bit of advice, of a less technical nature, is this: if you were being cautious and watchful but still got tricked, don’t feel too bad. Even the most cautious, most tech-savvy of us can occasionally get “caught” on the phishing line. What we do after being tricked, however, can make a significant difference in the trouble it causes us.
