What to Do If You Click on a Phishing Link: Seven Immediate Steps to Protect Your Accounts

  • emmamoss58
  • Apr 28
  • 3 min read


Phishing attacks remain one of the most common and effective ways cyber criminals target businesses—and no organisation is immune. Even experienced staff can mistakenly click on a well-disguised phishing link, particularly as these attacks become more convincing and harder to detect.


For small and medium-sized businesses across the South West, knowing what to do in the moments immediately after someone clicks on a phishing link is essential. A quick, calm and informed response can significantly reduce the impact and prevent further damage.


Here are seven immediate steps your business should take if a phishing link has been clicked:


1. Disconnect the Device from the Internet

If there’s any chance that malware has been downloaded, disconnect the affected device from the internet immediately. This helps prevent any further communication with the attacker’s server and stops the spread of any malicious software across your business network.


2. Do Not Enter Any Additional Information

If the phishing link led to a website prompting you to enter login credentials, payment information or personal data—and you haven't yet submitted anything—close the page straight away. Do not engage further with the site, even if it appears to be legitimate.


3. Run a Full Antivirus Scan

Carry out a full system scan using your antivirus software to identify and remove any potentially harmful files. Ensure that your antivirus tools are up to date and configured to detect the latest threats.


4. Change Any Compromised Passwords Immediately

If login details were entered into a phishing site, change those passwords without delay. If the same password is used on other accounts, those must be updated too. Prioritise changing passwords for critical business services, such as email accounts, cloud platforms and banking systems.


5. Enable Multi-Factor Authentication (MFA)

If your systems support it, enable multi-factor authentication across all business accounts. MFA is a simple and highly effective way to add an extra layer of security, helping to prevent unauthorised access even if passwords are compromised.


6. Report the Incident

It’s important to report any phishing attempt. This allows authorities to track and respond to widespread campaigns and helps protect others.


  • Report suspicious emails to the Suspicious Email Reporting Service at: report@phishing.gov.uk

  • If business or personal information has been shared, report the incident to Action Fraud at: www.actionfraud.police.uk or call 0300 123 2040

  • Inform your internal IT team or managed service provider to ensure the situation is reviewed and logged properly


7. Monitor Systems and Accounts for Unusual Activity

After a phishing incident, monitor all affected accounts and systems for any signs of suspicious behaviour. This includes checking for login attempts from unknown locations, unauthorised password reset requests, or unexpected financial transactions. Businesses should consider enabling security alerts where available.
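
As an added illustration of step 7 (not part of the original article or SWCRC material), the Python example below reviews a sign-in log export for one account after a phishing click, flagging logins from locations not seen before the click and any password reset requests. The CSV column names, the sample rows and the `review_account` helper are constructed assumptions; map them to whatever your email or cloud provider's audit log actually exports.

```python
import csv
import io
from datetime import datetime

# Constructed sample export (hypothetical column names, documentation-range IPs).
SAMPLE_LOG = """timestamp,user,event,country,ip,result
2025-04-20T08:55:00,j.smith,login,GB,198.51.100.10,success
2025-04-24T09:02:00,j.smith,login,GB,198.51.100.10,success
2025-04-28T09:05:00,a.jones,login,GB,198.51.100.24,success
2025-04-28T10:15:00,j.smith,login,GB,198.51.100.10,success
2025-04-28T10:41:00,j.smith,login,RO,203.0.113.77,failure
2025-04-28T10:43:00,j.smith,login,RO,203.0.113.77,success
2025-04-28T10:44:00,j.smith,password_reset_request,RO,203.0.113.77,success
"""

def review_account(log_text, user, clicked_at):
    """Return (timestamp, reason) findings for `user` at or after the click time."""
    clicked = datetime.fromisoformat(clicked_at)
    rows = [r for r in csv.DictReader(io.StringIO(log_text)) if r["user"] == user]
    rows.sort(key=lambda r: r["timestamp"])  # ISO timestamps sort chronologically
    # Baseline: countries this user logged in from successfully before the click.
    known = {r["country"] for r in rows
             if r["event"] == "login" and r["result"] == "success"
             and datetime.fromisoformat(r["timestamp"]) < clicked}
    findings = []
    for r in rows:
        if datetime.fromisoformat(r["timestamp"]) < clicked:
            continue
        if r["event"] == "login" and r["country"] not in known:
            # Failed attempts are reported too: they show someone trying the account.
            findings.append((r["timestamp"],
                             f"{r['result']} login from new location {r['country']} ({r['ip']})"))
        elif r["event"] == "password_reset_request":
            # The log cannot say whether the user asked for this; a person must confirm.
            findings.append((r["timestamp"], f"password reset requested from {r['ip']}"))
    return findings

if __name__ == "__main__":
    for ts, reason in review_account(SAMPLE_LOG, "j.smith", "2025-04-28T10:30:00"):
        print(ts, reason)
```

An account with no sign-in history before the click has an empty baseline, so every later login is listed for manual review.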


While mistakes can happen, prevention is always the best approach. Businesses across the South West can protect themselves by putting robust security measures and clear reporting protocols in place.


Steps to consider include:


  • Delivering regular cyber awareness training to staff

  • Implementing strong password policies and secure access controls

  • Ensuring all software and systems are kept up to date

  • Encouraging a culture where employees feel comfortable reporting potential mistakes


How the South West Cyber Resilience Centre Can Help

The South West Cyber Resilience Centre (SWCRC) works directly with businesses, charities and public sector organisations across the region to improve cyber security awareness and resilience.


We offer free and affordable support, including:

  • Staff training on how to spot and respond to phishing

  • Incident response planning and policy development

  • Cyber Essentials guidance and certification support

  • Vulnerability assessments to identify weak points in your systems


If you’re unsure whether your business is fully prepared to handle a phishing attack, now is the time to act.


Contact the SWCRC today for expert advice, practical resources, or to arrange a cyber resilience consultation tailored to your business needs.


Protect your business. Prepare your people. Strengthen your defences.



 
 