ScamCheckTool
by Privacy Toolbox
Start Check

Recovery guide

What to do after clicking a phishing link

If you clicked a suspicious link, the next steps depend on what happened after that click. Start with calm checks, secure any affected accounts, and only then consider extra protection.

Back to Guides

Start with the simplest question

Did you only open the page, or did you also type anything into it? That answer changes the level of urgency more than the click by itself.

1. Immediate steps

  • Close the suspicious page and do not enter any more information.
  • Disconnect from the page rather than interacting with popups, downloads, or warning messages on it.
  • Think back to what happened: did you only open the page, or did you also type a password, payment details, or a code?
  • Use the official website or app directly if you need to check a real account alert.

2. If you entered details

  • Change the affected password straight away from the real website or app, not from the suspicious link.
  • If you reuse that password elsewhere, change those accounts as well.
  • Turn on two-factor authentication where available.
  • Contact your bank or card provider quickly if payment details were entered.

3. Follow-up checks

  • Check recent sign-ins, password reset emails, and account notifications for unusual activity.
  • Run a security scan if the page tried to download software, open files, or push browser notifications.
  • Watch for follow-up scam calls, texts, or emails that reuse the same story.
  • Keep screenshots or notes in case you need to report the incident.

How to think about the risk

A phishing page may be trying to do one of several things: steal a password, collect payment details, trick you into calling a fake support number, or persuade you to install software. The useful response is to match your next step to the likely risk.

If a password was involved, account security comes first. If card details were entered, payment protection comes first. If the page pushed a download or browser notification, device checks come first. This page is designed to help you make that distinction without overreacting.

Recommended next step

Run a trusted device and phishing protection check

If the page pushed a download, fake warning, or suspicious browser prompt, a security suite can help you review the device and tighten protection after the incident.

Security suite

Review Security Option

This is a placeholder affiliate link for a security suite. If real affiliate links are added later, the page should keep this disclosure visible near the CTA.

Recommended next step

Monitor identity and account misuse after a phishing scare

If you shared personal information or are worried about follow-up fraud, identity monitoring may help you spot unusual account activity sooner.

Identity monitoring

Review Identity Monitoring

This is a placeholder affiliate link for identity monitoring. Keep the disclosure visible if a real partner offer is added.

Practical account recovery checklist

Account security

  • • Change passwords from the official site.
  • • Sign out of other sessions if the service allows it.
  • • Review account recovery email addresses and phone numbers.
  • • Turn on two-factor authentication where possible.

Payment and identity checks

  • • Review bank and card activity for anything unfamiliar.
  • • Be cautious with replacement-card or refund calls you did not expect.
  • • Check credit-related accounts if sensitive personal details were entered.
  • • Keep notes in case you need to report the incident later.

Is clicking a phishing link always enough to compromise a device?

Not always. In many cases, the bigger risk starts when someone enters a password, payment details, or downloads something. It is still sensible to review the device and the account involved.

What if I only opened the page and closed it straight away?

That may reduce the risk, but it does not remove the need for a quick check. Look at the account the message referred to, confirm there were no downloads, and stay alert for follow-up phishing attempts.

Should I call the number shown on the suspicious page?

No. Use contact details from the official company website, your bank card, or the app you already trust instead.