Change All Passwords: What To Do In Case Of Phishing
If you have been or think you may be a victim of phishing , the first thing you should do is change all the passwords for your digital accounts and profiles . This will allow you to stop the threat while you take other types of measures, such as communication with your bank or reporting your case to the police or civil guard. In this article we will explain the steps you must follow to minimize the damage of a phishing attack , but first, let’s see what this type of cyber attack consists of.
Table of Contents
What Is Phishing?
Phishing is a type of cyber threat that we can find when browsing cyberspace and is based on capturing personal data from its victims, such as their accounts and passwords, through some type of deception or scam . For example, by sending an SMS or email pretending to be your bank or your energy supply company.
These emails include links to websites set up to get your private information. What they do is imitate the legitimate company and ask you for some personal data with urgency indicators to create some alarm and act promptly. These attacks are closely related to spam , so you will have to be especially careful with this type of message. Because? These emails or sms are usually sent massively to multiply the number of potential victims.
How To Detect If I Am Suffering From This Attack?
These types of actions have a very defined strategy. However, there is no need to be alarmed, since if you follow the appropriate steps, you will be able to detect them without problem. Although these messages have the normal appearance of someone you trust, there are always a number of clues that will help you identify a case of phishing.
In the message it is very common for some alarmist discourse to be used. For example, that a suspicious login has been detected on their website, or asking you to click on a link to make a pending payment. In other cases, they offer you a coupon to take advantage of a discount or indicate that there is some kind of problem with your personal data and they need you to verify it. Also, it’s rare for a corporate message from a company you’ve hired to go to your spam folder. Therefore, the emails you receive in this folder should be treated with care.
If you are already suffering from it because you did not know how to identify it, some indicators will help you to realize this situation. In the event that your contacts notify you that they are receiving emails from your account with “rare” messages, it is normal that you are being a victim of phishing. Surely you have some malicious program on your computer that is the cause of these shipments. Other evidence is the charges made to your bank account for purchases that you have not made or posts on your social media profiles that you have not made. And if you try to enter a web page with your credentials and it says that your access code is invalid, you can also suspect that something is wrong.
How To Successfully Resolve This Attack And Minimize The Damage?
The main thing is to stay calm. In this sense, the first step to carry out is to find out the data that may have been leaked and thus know what the real threats are. Subsequently, it is necessary to act to prevent this situation from happening again and protect your privacy. Remember that passwords are your first security barrier against cybercriminals, so you should also take care of them first to restore protection to your devices.
Next, we present a step by step to neutralize any attack that you have suffered.
Change Your Email Password
One of the first measures that is recommended to carry out is to change the passwords of your email accounts, since it is a common basic information of all your other accounts (banks, stores, etc.). To do this, log in normally and in the settings of your messaging server, enter the “Accounts and import” section if you use Gmail, and change it; If you use another email application, this option will be in the Account or Settings section. It is enough to write it twice to verify that you enter it correctly and the process will end. What if you don’t remember it or the cybercriminal has modified it? In this case, start a recovery process to later modify it.
There are two options to recover a password. To do this, you will need to have previously provided a mobile phone number or an alternative email within the settings of your messaging server. In the first case, it will ask you if you are trying to access your email account and you will receive an SMS message on your smartphone, or it will ask you to select a combination of numbers. In the second, you will receive a message with a recovery email. Once you have completed the verification in any of these ways, you will simply have to enter the new password.
And The Passwords Of Your Social Networks And Other Relevant Entities
In addition to email, your social network profiles are another point to watch. Modifying the different passwords will restore the security you previously had. To carry out this process, log in to each of the profiles and follow the process indicated.
Likewise, apply it with all the websites where you have an account and you suspect that they may have suffered malicious access: banks, telephone providers, Netflix, Amazon, etc. This way you will regain control and security.
Use An Antivirus
The installation and use of an antivirus is essential in these cases. There are many specialized programs that will protect you against these attacks. Antiviruses use an intelligent threat detection system capable of identifying all malicious links and warning you of their intentions. In addition, they also notify you if the attached file is infected.
One of the free and accessible options that you can find is Avast Free Antivirus . It has everything you need to be protected and enjoy a good browsing experience. And if you use the Windows operating system, remember that you have free security software at your disposal: Microsoft Defender. You can find it already installed on your computer, just make sure that the protection is activated before continuing with the navigation.
Block Your Debit Or Credit Cards
Another of the immediate measures if we suspect that we have been a victim of phishing is to block all your means of payment, especially your cards . This is the way to prevent third parties from using your money in online stores , for example. Once the threat is removed, we recommend that you change your credit card to ensure that your bank details are fully protected.
Talk To Your Bank And The Authorities
If you have suffered any type of improper collection, contact your financial institution . All banks have teams specialized in these issues and will be able to advise you to prevent it from happening again.
In addition, it is beneficial that you file a complaint with the Police so that they can investigate your case from their cybercrime department.
Communicate It To Your Close Environment
Last but not least, inform your environment . This way, you will have the option to stop the spread of this threat. Explain to them that you have received a phishing attack and that they may receive emails , or messages on social networks, inviting them to click on a link. Tell them to ignore and delete them.
Tips To Prevent Being A Victim Of Phishing
There are different actions that we recommend you put into practice to prevent it and, above all, have a much safer browsing experience on the Internet. Some of the most prominent are the following:
- Two-step authentication: one of the most effective methods to put a barrier to this type of attack, since two devices will be necessary to verify your identity. Some of the most common are the mobile phone along with email.
- Websites with security certificates: it is important that you know the reliability of the websites where you enter confidential information, especially when you buy online. In your browser (Google Chrome, Firefox…), always look for a small padlock next to the address of the page. This indicates that the data is encrypted and therefore secure.
- If you have the slightest doubt, ask: if you receive an email or SMS that you suspect may be phishing , contact the company. Thus, your team will be able to indicate if it is valid information or a scam attempt.
- Use a password manager: the use of this tool also guarantees the safe use of all the keys that may be of interest to you. One of the most used is that of Google Chrome . Since its last update, the server notifies you when something has been violated and it will be very useful in cases of phishing to identify the problem.