What to Do If You Clicked on a Suspicious Link

Target Audience: Iscte Community

Answer/Solution:

🛑 1. Stop Interacting with the Page → The less interaction that occurs, the lower the risk of compromise.

- Close the website immediately
- Do not click any additional links, buttons, or page elements
- Do not download any associated files

🚫 2. Do Not Enter Any Information → The primary goal of phishing attacks is to obtain user information

- Do not enter your username, password, or any personal information
- Do not complete any forms displayed on the page
- Do not approve any access requests or permissions

🔐 3. Secure Your Account (If Necessary) → This should be a priority to prevent unauthorized access

If credentials were entered:

- Change your password immediately
- Sign out of active sessions, if possible
- Enable additional authentication (e.g., MFA) when available

💻 4. Check for Impact on Your Device → Unexpected behavior may indicate an attempt to install malware

- Verify whether any files were downloaded
- Watch for unusual behavior, such as pop-ups, slow performance, or unexpected redirects
- Avoid continuing to use the device if you suspect it may be compromised

📸 5. Collect Evidence → This information can assist with analysis and help prevent similar incidents

- Save the URL of the suspicious website
- Take screenshots of the page
- Record the date and time of the incident

📣 6. Contact Technical Support → Prompt reporting helps reduce the impact and protect other users

- Report the incident as soon as possible
- Include:
  - The link that was accessed
  - The actions performed
  - Whether any credentials were entered

Futher Information:

Even if no information was entered, the incident should still be reported, as it can help prevent similar attacks within the community.