With phishing schemes and emails becoming more common and harder to spot by the day, simply avoiding them isn’t enough.

While there are countless tips and software that help you detect and avoid phishing scams, what should you do if you, or someone you know, falls for one?

What Is a Phishing Email?


A phishing email is a message an attacker sends to trick you into doing something that benefits them. Attacks tailored to you (spear phishing) are much harder to spot and avoid; generic ones use stock lures and are mass-sent to hundreds or thousands of addresses.

A phishing email impersonates a sender you trust so that you will open an attachment, visit a website, hand over information, or enter your credentials on a fake login page reached through the link it provides.

You Fell for a Phishing Email: Now What?

Phishing emails rely on social engineering: they target the person rather than the machine, so they get past antivirus, firewalls, and spam filters that never see a technical exploit.

It only takes one false move, such as not noticing that the sender's address contains a small, deliberate typo, or not checking which domain the link really points to. Note that a padlock or HTTPS only means the connection is encrypted; phishing sites routinely have valid certificates, so it says nothing about who owns the site.

But falling for a phishing email isn't the end of the world.

Don't panic. If you're fast but keep a cool head, you can walk away unscathed and more cautious than ever.

There are mainly two ways you could fall for a phishing email: either downloading a file through the email or giving away confidential information. Luckily, you can limit the damage if you act promptly.

What To Do After Downloading a Malicious File


Downloading an infected file is one of the easiest ways for an attacker to get a foothold on your device and from there reach your files and data. The file could be an email attachment or a download from a website the email links to.

Anyone can fall for this, but you're more likely to if you don't know what phishing emails generally look like, or if you don't have antivirus software that scans downloads and warns you about suspicious files.

Stop the Attack Before It Starts

Say you made a mistake and ended up downloading a file that your antivirus software didn't flag. What now?

Not all attacks wreak havoc right away. You might still have time to react and minimize the damage.

The first thing to do is disconnect the device from the internet: unplug the Ethernet cable and turn off Wi-Fi. That cuts off remote access and keeps any spyware that was installed from uploading your files to the attacker. It won't undo anything already running locally, but it removes the attacker's channel while you clean up.

Clean Up Your Device

Stopping the attack in its tracks is a necessary first step, but that doesn't mean your work is over. Going back online as if nothing happened is like inviting the attacker back into your device.

You need to scan and clean your device of malware.

If you're not confident in your technical skills, you could take your device to a local technician or call a tech support center and explain the situation.

A reputable, up-to-date security suite will usually do the job, but a scan only removes what it recognizes. If it flags something that keeps coming back, or you handled sensitive data on the machine, the safest fix is to back up your documents and reinstall the operating system from known-good media.

Repair the Damage

Change the passwords for any important services, starting with your email provider and financial accounts, and do it from a different device you trust rather than the one that was infected. Watch for unusual activity on anything the attacker might have reached during the time they had a connection.

If you saved passwords locally, in a browser or a file, assume they were taken and change all of them. If unencrypted financial documents were on the device, contact your bank.


What To Do After Giving Away Your Logins


One of the most common ways phishing emails get your login credentials is by telling you there's a problem with your account and offering a link to reset your password. The link leads to a lookalike copy of the real site, which records whatever you type.

If that happens, the attacker can sign in to your account, especially if you haven't enabled two-factor authentication. Be aware that a one-time code you type into the fake site can be relayed to the real one just as easily as your password, so only phishing-resistant methods such as hardware security keys or passkeys fully block this.

Change Your Password

Entering your credentials on a fake site doesn't mean the damage is done. Attackers often wait before using stolen logins, and when they do act, the first move is usually to change the account's password and recovery email so you can't sign in or recover it. Until that happens, you can still get in.

The moment you realize the mistake, you need to beat them to your account. Go to the real website by typing the address yourself or using a bookmark, never the link from the email, and check the domain before logging in.

There, set a new, stronger password. In the settings, sign out of all devices, which kicks the attacker out if they've already logged in. Then review the recovery email, phone number, mail-forwarding rules, and connected apps for anything you don't recognize, since attackers add these to keep access. Finally, change your security questions and answers; having seen your account, they may now be able to guess them.
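Checking a link's real domain is harder than it sounds, because phishing URLs are built to look right at a glance. Below is an added example, not code from the original article: a small Python checker that pulls the real host out of a link and compares it with the domain you expected to reach, flagging the common tricks (the brand placed before an "@", the brand used as a subdomain of an attacker's domain, digit-for-letter swaps, non-ASCII lookalike characters, and punycode hosts). Every domain in its sample input is constructed, and its confusable-character tables are a deliberately short illustration; a production check would use the Unicode confusables data and the Public Suffix List.

```python
"""Phishing-link checker (added example; not from the original article).

Compares the real host of a link with the domain you expected and reports
the deceptions phishing URLs commonly use. Sample domains are constructed;
the confusable tables are deliberately short.
"""
import unicodedata
from urllib.parse import urlsplit

# Cyrillic letters that render like Latin ones (short illustrative list).
CYRILLIC_TO_LATIN = str.maketrans({
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0443": "y", "\u0445": "x", "\u0456": "i",
})
# Digits often swapped for the letters they resemble.
DIGIT_TO_LETTER = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})
# Letter pairs that read as a single letter in many fonts.
PAIR_CONFUSABLES = (("rn", "m"), ("vv", "w"))


def normalize(name: str) -> str:
    """Fold a domain name into a canonical ASCII form for lookalike comparison."""
    s = unicodedata.normalize("NFKD", name.lower())
    s = "".join(c for c in s if not unicodedata.combining(c))  # drop accents
    s = s.translate(CYRILLIC_TO_LATIN).translate(DIGIT_TO_LETTER)
    for pair, single in PAIR_CONFUSABLES:
        s = s.replace(pair, single)
    return s


def decode_idn(host: str) -> str:
    """Turn punycode labels (xn--...) back into the Unicode they encode."""
    try:
        return host.encode("ascii").decode("idna")
    except UnicodeError:
        return host  # already Unicode, or not valid IDNA: compare as-is


def registrable_domain(host: str) -> str:
    """Approximate the registrable domain as the last two labels.
    Assumption for brevity: real code should use the Public Suffix List
    so that e.g. 'shop.example.co.uk' resolves to 'example.co.uk'."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def check_link(url: str, expected_domain: str) -> list[str]:
    """Return a list of findings; an empty list means the link points at
    expected_domain over HTTPS with none of the tricks below."""
    findings: list[str] = []
    parts = urlsplit(url.strip())
    expected = expected_domain.lower()
    if parts.scheme != "https":
        findings.append(f"not HTTPS (scheme {parts.scheme or 'none'!r})")
    if parts.username is not None:
        # https://brand.com@evil.test/ : the browser goes to evil.test
        findings.append(f"credentials in URL: {parts.username!r}@ is not the host")
    raw_host = parts.hostname or ""
    if not raw_host:
        findings.append("no host in URL")
        return findings
    if any(label.startswith("xn--") for label in raw_host.split(".")):
        findings.append("punycode (IDN) host label")
    host = decode_idn(raw_host)
    if any(ord(c) > 127 for c in host):
        findings.append("non-ASCII characters in host (homograph risk)")
    domain = registrable_domain(host)
    if domain == expected:
        return findings
    if expected in host:
        # brand.com.account-verify.test : the real domain is the tail
        findings.append(f"{expected!r} appears in the host, but the real domain is {domain!r}")
    elif normalize(domain) == normalize(expected):
        findings.append(f"lookalike domain {domain!r} imitates {expected!r}")
    else:
        findings.append(f"domain {domain!r} is not {expected!r}")
    return findings


def is_suspicious(url: str, expected_domain: str) -> bool:
    return bool(check_link(url, expected_domain))


# Constructed sample links, all pretending to be a login page for example.com.
SAMPLE_LINKS = [
    "https://www.example.com/login",
    "http://example.com/login",
    "https://example.com@evil.test/login",
    "https://example.com.account-verify.test/login",
    "https://examp1e.com/login",
    "https://ex\u0430mple.com/login",  # Cyrillic 'а' in place of Latin 'a'
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(link, "->", check_link(link, "example.com") or "looks fine")
```

The point of the checker is the order of its tests: the host is what sits after any "@" and before the path, the domain that matters is the tail of that host rather than the familiar name at its front, and only once that domain is known does a character-level lookalike comparison make sense. Notice that HTTPS is reported separately and never counts in the site's favour.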

Beware: the hacker may try to change the account's password and email and force-log you out, as well.

Contact the Breached Account Provider

Unfortunately, it's not always easy to notice this type of scheme early on. If you were too late and the attacker has already locked you out of your account, you can still prevent major damage.

Your next step is the provider's account-recovery channel. That could be Twitter's, for instance, or your bank's if financial or personal information is involved.

Most major sites have a protocol to verify the person using the account, and the faster you reach out to them, the less time the hacker has to change details or learn more about you.

Change Your Login Credentials

Changing the password on the phished account is the obvious step, but you should also change it on every other account where you reused that password: stolen credentials are tried against other sites (credential stuffing) within hours. Update your security questions too, and the recovery email where the service lets you.

Each piece of information you reuse makes it easier for the same attacker to get into your other accounts. Using a different password for every site, with a password manager to keep track of them, makes repeat targeting much harder.

Level Up Your Security Response

There are many security measures you can take to avoid falling for phishing emails, but you also need to level up your security response.

To minimize the damage malware can do, keep a recent backup of your data at all times, stored offline or versioned so that ransomware can't overwrite it, and encrypt files containing private information. To blunt password theft, enable multi-factor authentication, preferably a hardware security key or passkey: those can't be relayed through a fake login page, so the attacker gets nothing useful even with your password.

Image Credit: Piqsels.