Monday, 11 September 2023 02:58

10 things to do immediately when clicking on a fake link

Written by Leydin Sorto

Misspellings, strange grammar, urgent or threatening language, and lack of context are common signs of phishing attacks.



However, some phishing threats are more difficult to detect, as they involve significant time investment and meticulous planning by the attackers, who even examine the target's previous communications, ultimately making the hoax very convincing and successful. ESET, a leading proactive threat detection company, shares 10 things to do immediately afterwards to minimize the damage.

A popular tactic used by scammers in large-scale fraudulent campaigns is to exploit current events. For example, what looked like an email from the UK's National Health Service offering a free trial of COVID-19 was actually a way to obtain victims' personal data via a fake form.

ESET shares 10 tips on what to do after you've taken the bait:

  • Do not give more information: Suppose you received an email from an online store that, although it generated some suspicion, you clicked on the attached link without giving it too much thought, or out of curiosity, and although it leads to a website that looks legitimate, the doubt remains. The simplest thing to do is to refrain from sharing additional information: do not enter credentials or provide banking or other equally sensitive data. If the scammers only wanted the data and didn't compromise the device with malware, chances are you'll be able to dodge the bait, or get away with it.

Iphone, Smartphone, Aplicaciones

  • Disconnect the device from the Internet: Some phishing attacks can give you access to your computer, cell phone or other device. They can deploy malware, collect personal or device information, or gain remote control. To mitigate damage, it is imperative to act quickly. The first thing to do is to disconnect the device from the Internet. If using a wired PC, simply unplug it. If you are connected via Wi-Fi, disable that connection in the device's settings or enable the airplane mode function.

Red, Cable, Ethernet

  • Back up your data: Disconnecting from the Internet will prevent more data from being sent to the malicious server, but data is still at risk. Files should be backed up, mainly sensitive documents or files with high personal value, such as photos and videos. Backing up data after it has been compromised can be risky, as it may have already been compromised by malware. Instead, files should be backed up regularly and preventively. If the malware does affect the device, data can be recovered from an external hard drive, USB stick or cloud storage service.

Red, Iot, Internet De Las Cosas

  • Perform a scan for malware and other threats: Run a full scan of the device with anti-malware software from a trusted vendor while the device is disconnected from the Internet. Ideally, run a second scan using, for example, ESET's free online scanner. Download the scanner to the computer or to a separate device, such as a USB hard drive, that can be inserted into the infected computer and install the software from there. Do not use the device during the scan and wait for the results. If the scanner finds suspicious files, follow its instructions to remove them. If the scanning process does not find any potential risks, but you still have doubts, contact the security vendor.

Interfaz, Internet, Programa, Navegador

  • Consider a factory reset: Resetting to factory defaults means returning the phone to its original state by removing all installed applications and files. However, some types of malware may persist on the device even after a hard reset, however, wiping the mobile device or computer will most likely successfully remove any threats. Remember that a factory reset is irreversible and will erase all locally stored data. The importance of regular backups cannot be overemphasized.

Registro, Iniciar Sesión, Teclado, Mano


  • Reset passwords: Phishing emails can trick you into divulging sensitive data, such as ID numbers, bank and credit card details or login credentials. If this is believed to be the case, especially if phishing emails ask for a specific username to be provided - for example, with a LinkedIn-themed scam - login credentials should be changed immediately, many more if the same password is recycled across multiple accounts such as email, online banking and/or social networks. These situations highlight the importance of using unique usernames and passwords for different online services. Using the same credentials across multiple accounts makes it easier for attackers to steal personal data or money.

Hacer Una Llamada Telefónica, Teléfono

  • Contact banks, authorities and service providers: If you provided bank or credit card details or access data to a website with access to the cards, you should immediately contact the entity that provides them. They may be able to block the card or freeze it to prevent future fraud, thus minimizing financial damage. Check if your bank (or payment services) has a refund policy for scam victims. To prevent others from falling for this scam, also alert your local authorities.

Teléfono, Teclas, Comunicación

  • Spot the differences: When criminals manage to get into one of the devices or accounts, they may change login details, email addresses, phone numbers or anything that can help them get a foothold in the account and take it over for longer. Review social media activity, banking information and order history for your online purchases. If, for example, any payment is detected that seems odd, unknown or unauthorized, report it, change login credentials and, if applicable, request a refund.

Electrónica, Tecnología, Dispositivos

  • Search for unrecognized devices: If hackers have stolen your account data, they are likely to try to log in from your own device. Most social networking platforms keep a record of logged-in sessions in the privacy settings. Do that check and force logout on any unknown device.

Móvil, Smartphone, Celular, Teléfono

Notify friends, contacts, service providers and employer: Sometimes, scammers use the contact list on a compromised account to spread phishing links or spam. Be aware of this and take steps to prevent others from falling for the same scam.

In the event that a cyberattack is related to work accounts or devices provided by a company, follow the rules and report it immediately to the IT department. Major email services, such as Outlook or Gmail, also offer tools to report phishing emails directly from your inbox.

"Taking the bait and clicking on a phishing link may make you feel embarrassed, and even alarmed, but this type of threat is becoming more and more common. In fact, it happens to hundreds of thousands of people every year, and the numbers are growing. If you stay calm and follow the advice above, you'll be one step ahead of the threats you could face", says Gutiérrez Amaya, head of ESET Latin America's Research Lab.


Translated by: A.M