6 steps to take if you fell for an email scam
Email scams are one of the most common types of cybercrime. According to a 2021 report by Trend Micro, 90% of data breaches in 2021 were caused by a phishing email. Phishing attacks and the theft of vulnerable data can lead to large financial losses for individuals as well as companies. For a business, a phishing scam also brings a loss of reputation, as customers no longer trust the company to keep their data safe. It is therefore important to protect yourself against email scams, for both your personal and your business accounts. But what if you have accidentally clicked a malicious link or downloaded infected software to your device?
First of all: don’t panic! Not all is lost, and there are ways to minimize the damage. In this article, we go over the six steps you should take to recover from an email scam. On top of that, you will get useful tips to prevent falling victim to a scam again in the future.
1: Disconnect from the Internet
As soon as you discover that you have fallen for a scam, you should disconnect from the Internet. Turn off your WiFi or data, and unplug your router if you are at home. Disconnecting from the Internet may stop downloaded malware from spreading on your device, as well as to other devices.
2: Create a backup of your files on a physical device – not in the cloud!
As soon as you have broken off your connection to the Internet, make sure to create physical backups of all important files that are stored on your device. Scammers will often delete your important files or hold them “hostage”. This means that they trick you into paying them large sums of money to get access to your files back. Use a USB stick or an external hard drive to create a backup. Never use a cloud-based service like Google Drive or OneDrive: the scammers have likely already gained access to your passwords for these!
3: Inform your IT department at work
If this email scam took place in a work environment, reaching out to your company’s IT department is an important part of the recovery process. It may feel intimidating to reach out, and you may feel embarrassed to report that you fell for a scam. However, it is important to note that cybercriminals are continuously coming up with new types of scams that are more difficult to detect. Anyone can fall for a scam, and it is not something to be ashamed of. Your company’s IT department will also assist you in taking adequate steps to recover from the email scam. They will help you get rid of any malware and keep the company IT environment safe.
4: Scan your device for malware and delete any malicious files
If the scam you fell victim to only affects your personal devices or accounts, you can skip the previous step. In this case, use your antivirus software to scan your device for malware yourself, and delete or quarantine any infected or suspicious file that it reports. If you are not comfortable doing this alone, you can also take your device to a hardware store for assistance.
5: Change your passwords and set up 2FA for your accounts
After you have cleaned up your device, you can turn on your internet connection again. As the hackers or scammers have likely gotten access to your usernames and passwords, be sure to immediately change your passwords on all of your accounts. This especially concerns email accounts, social media accounts and any e-commerce store that you have saved your credit card details to. Changing your passwords is a key step to recover from an email scam. After all, if the hackers have access to your passwords, they can easily do this to you again.
When you are changing your passwords, be sure to choose strong and unique ones. Strong passwords are long (minimum 10 characters) and include both lowercase and uppercase letters, as well as at least one number and special character. For even stronger passwords, use numbers and special characters in the middle of your passwords as well, rather than tacking them onto the end. This will make your passwords harder to crack for cybercriminals. If you have difficulties remembering your unique passwords, consider using a password manager app like LastPass or Dashlane.
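The rules in this step, written as a small checker. This is an added example, not part of the original article; the function names and sample passwords are made up here, and "special character" is assumed to mean any character that is not a letter or digit.

```python
# Added example: checks a password against the rules stated in this step.
# Function names and sample passwords are constructed for illustration.

MIN_LENGTH = 10  # "minimum 10 characters" per the article


def rule_failures(password: str) -> list[str]:
    """Return the article's baseline rules that the password fails."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("shorter than 10 characters")
    if not any(c.islower() for c in password):
        failures.append("no lowercase letter")
    if not any(c.isupper() for c in password):
        failures.append("no uppercase letter")
    if not any(c.isdigit() for c in password):
        failures.append("no number")
    # Assumption: "special character" means anything that is not a letter or digit.
    if all(c.isalnum() for c in password):
        failures.append("no special character")
    return failures


def only_tacked_on(password: str) -> bool:
    """True when numbers/special characters appear only as a trailing run
    after an all-letter word, e.g. 'Sunshine2021!'."""
    core = password
    while core and not core[-1].isalpha():
        core = core[:-1]
    return len(core) < len(password) and core.isalpha()


def review(password: str) -> list[str]:
    """Baseline failures plus the article's 'use them in the middle' advice."""
    findings = rule_failures(password)
    if only_tacked_on(password):
        findings.append("numbers/special characters only at the end")
    return findings


if __name__ == "__main__":
    # Constructed sample passwords.
    for sample in ("password", "Sunshine2021!", "Sun7shi!ne-Coast"):
        print(f"{sample!r}: {review(sample) or 'meets the listed rules'}")
```

A password can pass every baseline rule and still be flagged, as the second sample shows: it has all four character types but only as a suffix on a dictionary word.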
On top of this, be sure to enable two-factor authentication (2FA) for your accounts wherever this is a possibility. With 2FA enabled, you have to verify each login attempt with a code that you receive through a text, email or app like Google Authenticator. Using 2FA makes it much harder for hackers to gain control of your device.
6: Take steps to prevent falling victim to an email scam in the future
There are various steps you can take in order to prevent yourself from falling for an email scam again. First of all, be sure to report the fraudulent email that you received as such in your email client. This ensures that the sender of this email will be added to the blacklist. Future emails will then immediately go into your spam. In order to prevent any scams from reaching your inbox, consider using a spam filter like SpamExperts that identifies and blocks spam before it has a chance to enter your inbox.
On top of this, take some time to educate yourself about different types of scams and what you can do against them. We have linked some useful articles about this below:
- 8 internet security tips for fully remote companies (many of these are also relevant and useful for personal accounts and devices)