What to Do If You Clicked a Suspicious Link

Immediate Steps After Clicking a Suspicious Link

Don't panic, but act quickly. Here's what to do.

Immediate Actions

1. Disconnect from the internet - Unplug ethernet or disable WiFi
2. Don't enter any information - If a page is asking for login credentials or personal info, close it immediately
3. Close the browser - Don't just close the tab, close the entire browser
4. Note what happened - Write down what you clicked and what you saw

If You Entered Login Credentials

1. From a different device, change your password immediately
2. If you use the same password elsewhere, change those too
3. Enable multi-factor authentication if available
4. Monitor your account for suspicious activity

Report the Incident

1. Contact our helpdesk immediately
2. Provide details:
   • What email or message contained the link?
   • What website did it take you to?
   • Did you enter any information?
   • What device were you using?
3. Forward the suspicious email to IT if possible

Scan Your Device

1. Run a full antivirus scan
2. Open Windows Security and run a Full scan
3. If your company uses Sophos, run a Sophos scan

Signs of Compromise to Watch For

• Unexpected password reset emails
• Unknown login notifications
• Sent emails you didn't write
• Computer running unusually slow
• Strange pop-ups or programs
• Coworkers receiving suspicious emails from you

Prevention for Next Time

• Review our guide on how to spot phishing emails
• When in doubt, don't click
• Report suspicious emails even if you didn't click

Need more help? Contact our helpdesk and we'll be happy to assist you.