--- title: "Recovering from a Phishing Attack | Phish Protection" description: "Recovering from a Phishing Attack: So you tried your best to avoid a phishing attack but one day your laptop woke up with the flu bug. Criminals use phishing." image: "https://phishprotection.com/og/blog/recovering-from-a-phishing-attack.png" canonical: "https://phishprotection.com/blog/recovering-from-a-phishing-attack/" --- Quick Answer So you tried your best to avoid a phishing attack but one day your laptop woke up with the flu bug. Criminals use phishing attacks to try to get at your personal information. You receive a legitimate-looking email with a \*\*link\*\* or \*\*attachment\*\* attached and you take the bait. After the initial shock wears off what do you do? Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Frecovering-from-a-phishing-attack%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Recovering%20from%20a%20Phishing%20Attack&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Frecovering-from-a-phishing-attack%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Frecovering-from-a-phishing-attack%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Frecovering-from-a-phishing-attack%2F&title=Recovering%20from%20a%20Phishing%20Attack "Share on Reddit") [ ](mailto:?subject=Recovering%20from%20a%20Phishing%20Attack&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Frecovering-from-a-phishing-attack%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2019/01/what-is-phishing-4691.jpg) So you tried your best to avoid a phishing attack but one day your laptop woke up with the flu bug. Criminals use phishing attacks to try to get at your personal information. You receive a legitimate-looking email with a **link** or **attachment** attached and you take the bait. After the initial shock wears off what do you do? First and foremost, **disconnect your device** immediately to get offline. The criminal could be in the process of installing [ransomware](https://www.csoonline.com/article/3236183/ransomware/what-is-ransomware-how-it-works-and-how-to-remove-it.html) on your computer. So if you have a wire connection, simply unplug the internet cable. If your device is wireless, disconnect it from the [wifi network](https://www.cisco.com/c/en/us/solutions/small-business/resource-center/networking/wireless-network.html). > This can **prevent other attempts** to infect other devices on your [network](https://www.computerhope.com/jargon/n/network.htm) AND it also stops someone from accessing your email contacts to send THEM phishing emails. **_Who would suspect an infected email coming from a friend or colleague?_** If the phishing email appeared to come from your… - Financial Institution - Email Provider - Social Media Sites …then, you should go to the real website by entering its URL instead of clicking a link. Just remember that a legitimate site will have a **padlock or other icon** to let you know it is secure. Also, take a look at the **return email address**. If the email is allegedly from [Bank of America](https://www.bankofamerica.com/privacy/report-suspicious-communications.go) for example, and the return email address is something like “[aliens@bobsyouruncle.com](mailto:aliens@bobsyouruncle.com)” then it’s probably NOT a legitimate email. Once on the legitimate website, you need to **change your password**. (Even if you were not the victim of an attack, it is wise to change your passwords on a regular basis.) And if you are like most people, you use the same password for more than one website. It is best to be safe by changing those passwords as well. ##### Placing an Alert If you think personal information might have been compromised, you can **place an alert** with the\*\* three major credit bureaus\*\* as a sign to potential creditors that you could be a victim of [identity theft](https://www.identitytheft.gov/). What does the fraud alerts do? It notifies creditors to contact you before they open a new account or make changes to an existing account. By law, if you notify one [credit bureau](https://www.investopedia.com/terms/c/creditbureau.asp), it has to notify the other two bureaus. (For contact information for the three major credit bureaus, check at the end of this article.) ![What is phishing](https://media.mailhop.org/phishprotection/images/2019/01/what-is-phishing-4691.jpg) #### Notifications from Websites Some websites notify you if there appears to have been suspicious activity. Google’s Gmail, for example, will tell you if there is more than one location logged into it. Credit card companies look for **signs of unusual activity** and may notify you to verify that the transaction was valid. Once I tried to use my debit card at a gas station but could only get a couple gallons because the pump was so slow. I drove down the street to another station and pumped my gas. My card company called to make sure it was valid since I had tried to use it multiple times. Also, check bank or credit card statements regularly to make sure [fraudulent transactions](https://www.creditcards.com/glossary/term-fraudulent-transaction.php) do not show up there. Even if you have not been phished this is a\*\* wise course of action \*\*to follow. ##### Notifying the Company You should also notify the company that was mentioned in the phishing email about your experience. It may help them protect others from suffering the same fate. They should have a method in place to assist you when you contact them. Sometimes they will want you to forward the infected email to a special email (like [abuse@theirwebsite.com](mailto:abuse@theirwebsite.com)). You can view the full email including header information which can provide a clue. In Google Gmail, for example, you can click on the three-dot menu and select “[Show Original](https://support.google.com/mail/answer/29436?hl=en)”. That’s why the company may ask you to send the email. ##### Updating the Security Software on your Computer Next, you should **update your antivirus software** and do a \*\*full scan of your computer (\*\*and possibly external hard drives) to weed out malicious [viruses or malware](https://www.symantec.com/connect/articles/what-are-malware-viruses-spyware-and-cookies-and-what-differentiates-them). There is no excuse for not using antivirus software on a regular basis; there are several very good software apps that are also free. You should be doing so on a regular basis, right? You should also make sure that you **backup your data regularly** either to another hard drive or to an offsite location on the cloud. You will be very grateful for this simple action if your hard drive crashes. Again there are good backup apps available that are not expensive or are free. Make that investment now for peace of mind. File a complaint with the [Federal Trade Commission](https://www.ftc.gov/) (FTC). The FTC keeps a database of identity theft cases that is used by law enforcement agencies in their fraud investigations. (Contact the FTC at [www.consumer.gov/idtheft](http://www.consumer.gov/idtheft) or 1-877-ID-THEFT.) If you happen to be an eBay aficionado and think your account there has been affected, you should change your password immediately and also check to see if there are any new listings or bids in your name. The fraud line for [eBay](https://pages.ebay.com/seller-center/index.html) is 1-866-961-9253 and no, that is not the number for everyday help inquiries. **What are some things you can do to [prevent phishing](/content/phishing-prevention/)?** ![How to prevent phishing](https://media.mailhop.org/phishprotection/images/2019/01/how-to-prevent-phishing-2277.jpg) - [Two-factor authentication](https://www.google.com/landing/2step/), for the sites that support this, it is a good preventive measure. It requires two forms of authentication in order to access an account. - Subscribe to an **ID theft prevention service** that monitors your accounts and helps to prevent another attack. If a major data break-in occurs at your bank or retail businesses where you shop, check to see if that institution or business offers [ID theft protection service](https://www.consumer.ftc.gov/articles/0235-identity-theft-protection-services) for free. - Invest in a VPN, or Virtual Private Network. This service allows you to browse the internet anonymously and securely. Some [VPN](https://www.cnet.com/best-vpn-services-directory/)s have servers around the world so an added benefit would your being able to connect to a server in the UK and watch the BBC programs! _I hope this information has given you a good start in recovering from a phishing attack and also preventing the next one._ **Here is the contact information for the three major credit bureaus:** - Equifax ([www.equifax.com](http://www.equifax.com/)) 800-525-6285 - Experian ([www.experian.com](http://www.experian.com/)) 888-397-3742 - TransUnion ([www.transunion.com](http://www.transunion.com/)) 800-680-7289 ## Topics [ Uncategorized ](/tags/uncategorized/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 10m IT Support: Why you Need it, What it Does, And How to Optimize it Dec 2, 2022 ](/blog/it-support-why-you-need-it-what-it-does-and-how-to-optimize-it/)[ Intermediate 4m Phishing Scams Revolving Around Covid-19 Vaccines: How To Remain Secure Against Such Attacks Feb 25, 2021 ](/blog/phishing-scams-revolving-covid-19-vaccines-remain-secure-attacks/)[ Intermediate 2m Protecting Against Phishing is Even Harder With Invisible Links Jan 22, 2019 ](/blog/protecting-against-phishing-is-even-harder-with-invisible-links/)[ Intermediate 5m As Twitter Plans To Charge Verified Users $8 Fee, Threat Actors Start Launching Phishing Campaigns Exploiting The Situation Nov 10, 2022 ](/blog/twitter-plans-charge-verified-users-8-fee-threat-actors-start-launching-phishing-campaigns-exploiting-situation/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Recovering from a Phishing Attack","description":"Recovering from a Phishing Attack: So you tried your best to avoid a phishing attack but one day your laptop woke up with the flu bug. Criminals use phishing.","url":"https://phishprotection.com/blog/recovering-from-a-phishing-attack/","datePublished":"2019-01-18T11:43:59.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2019-01-18T11:43:59.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/recovering-from-a-phishing-attack/"},"articleSection":"intermediate","keywords":"Uncategorized","wordCount":1050,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2019/01/what-is-phishing-4691.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Recovering from a Phishing Attack","item":"https://phishprotection.com/blog/recovering-from-a-phishing-attack/"}]} ```