Home / News & Resources / News & Updates / What to do if you click on a phishing link

What to do if you click on a phishing link

  • Posted on

Phishing links pose a number of potential risks to the uninitiated. Legal Director Richard Forrest discusses what might happen if a phishing link is clicked and what support Hayes Connor can provide if such a situation occurs.

Phishing links can pose a serious threat to your personal security and, in many instances, can lead to direct financial losses. It should go without saying that it is incredibly important that you understand how to recognise a phishing link and what actions to take if you have mistakenly clicked on one.

In this article, we will discuss:

At Hayes Connor, we have decades of combined experience in supporting people to claim compensation for phishing scams which are caused by a business or organisation failing to protect their data. We can support you in making a claim for your emotional distress, loss of privacy and any financial losses if you have unknowingly clicked on a phishing link.

If you would like immediate advice from our data breach experts regarding a phishing scam, you can call 0330 041 5135 or fill out our online claim form to start the claims process.

What is a phishing link?

Phishing is a specific type of social engineering attack which is used to steal sensitive personal data. A scammer will pose as a trusted entity and attempt to manipulate a victim into clicking on a malicious link. This link can then lead to the installation of malware or the revealing of sensitive information, such as bank account details.

Scammers sending phishing links often use emails, texts, false websites, and phone calls in an attempt to access the data in question.

It is often the case that scammers are able to send out a phishing link (which looks to be genuine) in the aftermath of a data breach. There have been many situations where cybercriminals have been able to find basic contact details for individuals, using these to pose as a legitimate organisation and extract further information from a potential victim.

How do you know if you are clicking on a phishing link?

It is important to note that phishing links are becoming increasingly sophisticated, making it more difficult to tell whether a link you are clicking on is legitimate, or the part of a wider scam. There are, however, some clear signs that would reveal a phishing link.

To determine whether the link you have been sent is part of a phishing scam, you should take care to look for any inconsistencies in the corresponding message. If there are any discrepancies in the preview of the URL, the address of the sender, or there are errors in the language used, you would be strongly advised to proceed with caution.

Other red flags that you should be aware of are any unusual requests in the message.

Any organisation which has suffered a data breach, resulting in the loss of your personal data, is legally obligated to inform you that this is the case. Where you receive confirmation that your data has been compromised, it is essential that you remain vigilant of any unexpected communications. This is especially true where they come from someone claiming to represent the company which has suffered the data breach.

What happens if you open an email or text message with a phishing link?

Fortunately, it is unlikely that there will be any consequences if you simply open an email or text message which contains a phishing link.

Typically, a user will need to download an attachment or click on a phishing link for a cybercriminal to be able to infect a device.

It is still a good rule of thumb to simply avoid opening any emails which you suspect to be spam or malicious.

What happens if you click on a phishing link?

Exactly what might happen if you mistakenly end up clicking on a phishing link or opening an attachment will depend on the type of attack and what information a scammer is looking to obtain.

A scammer accesses further personal information

Phishing links often allow a scammer to access further personal information from you. While a scammer is already likely to possess very basic information (hence why they have been able to send the phishing correspondence), they can extract further data once a link has been clicked.

As soon as a link is clicked, a scammer may be able to receive data such as your device statistics and approximate location. Of course, they will also have access to information which is voluntarily provided after following the phishing link.

Malware is installed on your device

A scammer may be able to install malware software, such as spyware, ransomware or a virus on your device after clicking on a phishing link. These malicious files are able to infect the device and collect confidential data without you being aware.

What to do after clicking on a phishing link

Disconnect your device

If you think that you have accidentally clicked on a phishing link, the first step you should take should be to immediately disconnect your device from the internet and any other connections. This would prevent any malware from spreading to other synchronised devices which are connected to the same network.

It also prevents someone from being able to remotely access your device after the link has been clicked.

Once disconnected from the internet, you should take care to back up any important files on the device.

Change passwords and credentials

Where you have clicked on a phishing link and voluntarily entered information, it is imperative that you change your passwords and general account credentials. This is especially important if you use the same, or similar, passwords for multiple accounts.

You should also take the time to change your credentials, even if you have not voluntarily entered any information.

Contact your bank

If you have clicked on a phishing link, your financial details may have been compromised. You should therefore contact your bank to temporarily freeze your accounts and take note of any fraudulent transactions that have occurred after the link was clicked.

Scan your system

You should perform a thorough scan for the presence of any malware on your device. If you are not sure how to do this yourself, you can take your device to a professional who can conduct the search on your behalf.

Register with the Cifas Protective Registration service

When registering with the Cifas fraud prevention service, your name and personal details will be flagged in the National Fraud database. Companies that use Cifas will then perform additional checks when your details are used to apply for products and services, which reduces your risk of being exposed to fraud.

The Cifas Protective Registration service currently costs £25 for two years.

Speak to a data breach expert

Being targeted with a phishing link could also suggest that you have been the victim of a data breach. While organisations are legally obligated to report a data breach, they sometimes fail to do so, or the message itself is lost in a victim’s junk mail. Often, people only discover that their information has been exposed after they are subject to multiple scams containing phishing links.

Where you have received a phishing link that you suspect is the result of a personal data breach, this is something the team at Hayes Connor can support you with.

Victims of data breaches could be entitled to claim compensation, even here you may not have suffered any direct financial losses as a result of the data breach.

How Hayes Connor can support you if you have been victim to a phishing link

If you have clicked on a phishing link which was caused by your information being leaked in a data breach, our solicitors may be able to support you to make a compensation claim. We can act for clients on a no win, no fee basis, removing the financial risk of pursuing the claim.

We are one of the largest teams of data breach claims specialists in the country, with decades of combined experience in securing compensation for victims of data breaches. We can advise you on whether you are likely to have grounds for a claim, the level of compensation you may be entitled to and what you need to do to start a claim.

Our goal is to ensure that anyone who is affected by a data breach is able to get the compensation they deserve, while making the claims process as simple and stress-free as possible.

You can find out more about our expertise and how we handle data breach claims here.

To start a claim, you can use our online claim form and we will get back to you shortly to let you know if we believe you have grounds for compensation.

If you would like to speak to a member of our team, please do not hesitate to give us a call on 0330 041 5135.