You just clicked a link in a suspicious email. Or worse: you entered your password on a fake site. Don't panic. The next 10 minutes are critical to limit the impact. Here's the checklist to follow, in order.

Step 1 (0-2 min): disconnect from the network

If you suspect background malware installation (automatic download, executable file launched), unplug your Ethernet cable or disable Wi-Fi. This prevents potential malware from communicating with its command server.

On a smartphone: switch to airplane mode, which cuts both cellular and Wi-Fi.

Step 2 (2-5 min): change the compromised password

If you entered your password on the fake site, the attacker already has it. Change it immediately on the real site (go directly, not via a link). If you use the same password on other services, change it everywhere too.

Ideally, enable two-factor authentication (2FA) on the affected account. Even with your password, the attacker can't log in without the 2FA code.

Step 3 (5-8 min): monitor your accounts

Check recent transactions on potentially affected accounts:

  • Bank: log in and check the operations from recent hours. Any unknown operation → request an immediate stop (call the number on the back of your card).
  • Email: check the list of connected devices (Gmail: Security → Your devices). Sign out everywhere except on your own devices.
  • Social media: same, check active sessions.

Step 4 (8-10 min): report

Reporting protects the community:

  • Anti-Phishing Working Group: apwg.org — submit the fake site URL, it'll be blocked by browsers.
  • FTC (USA): reportfraud.ftc.gov for victim assistance.
  • Impersonated bank/brand: forward the email to their abuse service (often abuse@brand-name.com); they'll block it for their other customers.
  • Police: if you lost money or sensitive data, file a complaint locally.

Step 5 (after): prevent next time

Once the situation is stabilized, take 30 minutes to strengthen your defense:

  • Enable 2FA everywhere: email, bank, social media. 2FA neutralizes 90% of successful phishing attempts (the attacker has the password but not the code).
  • Use a password manager (1Password, Bitwarden, KeePass): they don't autofill on a fake site whose URL doesn't match — strong alert signal.
  • Enable automatic detection with Fiabli on your mailboxes: next time, the suspicious email will be analyzed before you have time to click.
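
How the URL check behind the password-manager advice above can work, as an added example (not code from this post or from any of the products named). The `shouldAutofill` function, its matching rule (HTTPS plus exact host or subdomain) and every hostname are assumptions constructed for illustration; real managers differ in their matching rules.

```javascript
// Added illustration: hypothetical autofill decision, not a real password manager's code.
// All hostnames are constructed samples under the reserved .example TLD.

// Decide whether a saved login may be offered on the page being viewed.
function shouldAutofill(savedHost, pageUrl) {
  let url;
  try {
    url = new URL(pageUrl);
  } catch {
    return { fill: false, reason: "unparseable URL" };
  }
  if (url.protocol !== "https:") {
    return { fill: false, reason: "not HTTPS" };
  }
  // URL.hostname is lowercased, drops any user@ prefix, and converts
  // internationalized names to punycode (xn--...), so a look-alike
  // Unicode letter never compares equal to the ASCII one.
  const host = url.hostname;
  const saved = savedHost.toLowerCase();
  if (host === saved || host.endsWith("." + saved)) {
    return { fill: true, reason: "host matches saved entry" };
  }
  return { fill: false, reason: `host ${host} does not match ${saved}` };
}

// Constructed sample pages: two genuine, four typical fake-site tricks.
const SAMPLES = [
  "https://mybank.example/login",               // the real site
  "https://login.mybank.example/",              // real subdomain
  "https://mybank.example.evil.example/login",  // real name used as a subdomain
  "https://mybank.example@evil.example/login",  // real name in the user@ part
  "https://myb\u0430nk.example/login",          // Cyrillic "a" look-alike
  "http://mybank.example/login",                // no TLS
];

function checkSamples(savedHost = "mybank.example") {
  return SAMPLES.map((u) => ({ url: u, ...shouldAutofill(savedHost, u) }));
}

for (const r of checkSamples()) {
  console.log(r.fill ? "FILL " : "BLOCK", r.url, "-", r.reason);
}
```

A blocked autofill on a page that looks like your bank is the alert signal: the page's real host is not the one the login was saved for.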

The right reflex

Clicking a phishing email happens to everyone, even security experts. What matters is how fast you react. The 10 minutes following the click make the difference between an incident with no consequences and a fraud that empties your account.

To no longer have to chase every suspicious email, activate Fiabli on your mailbox. Protection is in place in 2 minutes.
