Resources > What to do if you clicked on a phishing email

Phishing emails often use urgency or fear tactics to encourage the recipient to act quickly, such as claiming that there is a problem with their account or that their account will be closed if they don’t take action.

If you have clicked on a phishing email, it is important to take immediate action to protect your account and personal information. Here are some steps you can take:

Change your password

Change your password on the affected account and any other accounts that may use the same password.

Check your account activity

Review your account activity and check for any unauthorized access or suspicious activity.

Contact the legitimate company or service

If the phishing email appeared to be from a legitimate company or service, contact them to report the incident and get further guidance on how to secure your account.

Report the phishing email

Report the phishing email to your email provider or to the Anti-Phishing Working Group at reportphishing@apwg.org.

Run a virus scan

Use an up-to-date antivirus program to run a full system scan on your computer or device to check for any malware or viruses that may have been installed.

Educate yourself

Educate yourself on how to spot phishing emails and how to protect yourself against online scams. Be cautious of any unsolicited emails, especially those asking for personal or financial information.