Accidentally clicking a link in a phishing email can be worrying. Although it doesn't automatically mean your device is compromised, some malicious websites may attempt to download malware in the background, so it's worth taking a few precautionary steps.
If you’ve clicked a suspicious link in the last few minutes and want to act quickly, follow these steps:
Stop interacting with the website.
Close the browser tab. Do not click any buttons or enter any information.
Switch off your device immediately. This can help disrupt any malware that may be trying to download. Once it has powered down, restart it and then disconnect from the internet by turning off wi-fi or enabling Airplane mode.
Check your device for threats
On Windows, open the Start menu and type Windows Security, select Virus & threat protection, then Full scan.
On a Mac, make sure macOS is up to date via System Settings > General > Software Update, and run a scan if you use additional security software.
On a phone, close the browser tab and clear your mobile browser's website data. iPhone users, go to Settings > Safari > ClearHistory and Website Data. Android users (Chrome), open Chrome, tap the three dots > History > Delete browsing data.
If you shared any passwords, change them straight away
Start with your email account, then update any other accounts that use the same password. If you shared banking details, contact your bank immediately and explain what happened.
Turn on two-factor authentication (2FA)
This adds an extra layer of protection to help you in the future.
Read more about 2FA