What to Do If You Clicked a Suspicious Link
You Clicked a Suspicious Link - Now What?
It happens. You clicked a link before realising it looked suspicious. The important thing is to act quickly. Here is exactly what to do.
Assess the Situation
Did You Just Click the Link?
If you only clicked the link but did not enter any information:
Your risk is lower but not zero. Some malicious websites can:
- Install malware automatically (drive-by downloads)
- Collect information about your device
- Set up future attacks
Did You Enter Information?
If you entered your password, credit card, or other details:
Your risk is higher. Attackers may have your credentials and could be using them right now.
Immediate Steps to Take
Step 1: Disconnect from the Network (If Malware Is Suspected)
If you think malware may have been installed:
- Turn off WiFi on your device
- Disconnect the ethernet cable if using one
- This prevents potential malware from spreading
Step 2: Do Not Enter Any More Information
If a page is still open asking for information:
- Close the browser immediately
- Do not enter anything else
- Do not click any buttons on the page
Step 3: Change Your Password Immediately
If you entered your password:
- Go directly to the real website (type the address yourself)
- Change your password immediately
- Use a completely different password
Step 4: Contact IT
Report the incident immediately:
- Email: helpdesk@netlumait.com.au
- Phone: 1300 521 162
- What link you clicked
- When it happened
- Whether you entered any information
- What device you were using
Step 5: Check for Unusual Activity
Look for signs of compromise:
Email:
- Emails in Sent folder you did not send
- Replies to messages you did not write
- Forwarding rules you did not create
- If you entered credit card details, monitor your accounts
- Consider contacting your bank
- Check for login notifications from unknown locations
- Look for password reset emails you did not request
What IT Will Do
When you report a suspicious click:
- Assess the threat - Determine what type of attack it was
- Scan your device - Check for malware
- Secure your accounts - Force password resets if needed
- Block the threat - Prevent others from clicking the same link
- Monitor for issues - Watch for signs of compromise
Specific Scenarios
Clicked Link on Your Phone
- Close the browser completely
- Run any security app you have
- Report to IT
- If you entered credentials, change them from a different device
Clicked Link Then Downloaded Something
This is more serious:
- Disconnect from the network
- Do not open the downloaded file
- Contact IT immediately
- They may need to scan your device
Entered Your Microsoft 365 Password
- Go to portal.office.com
- Sign in and change your password
- Check your account security at mysignins.microsoft.com/security-info
- Look for unfamiliar sign-in methods
- Contact IT to check for compromised account signs
Entered Banking or Credit Card Details
- Contact your bank immediately
- Report the phishing attempt
- Monitor your accounts closely
- Consider freezing your credit if significant details were shared
Preventing Future Incidents
Slow Down
Phishing attacks create urgency. Take a moment before clicking.
Hover Before Clicking
On a computer, hover over links to see where they really go.
Check the Sender
Look carefully at email addresses. Scammers use addresses that look almost right.
When In Doubt, Do Not Click
If something seems off, report it to IT instead of clicking.
Use Two-Factor Authentication
Even if attackers get your password, 2FA adds another barrier.
Do Not Be Embarrassed
Phishing attacks are sophisticated. Even security experts occasionally click bad links. The important thing is that you:
- Recognised something was wrong
- Took action quickly
- Reported it so we can help
Need Help?
For urgent assistance after clicking a suspicious link, contact helpdesk@netlumait.com.au or call 1300 521 162 immediately.
Was this article helpful?
Still Need Help?
If you are still having trouble, our support team is here to help.