Skip to Content
More - Oct 23, 2014

I Fell for a Phishing Scheme... Now What?

If you've fallen for a scam, don't feel too badly. Just take these important damage-control steps.
©istockphoto.com/ideaGU

You've no doubt heard of "phishing." It's when a scammer tries to get you to divulge important personal details or sensitive passwords by posing as an institution you trust and do business with. Often, these attempts come in the form of an email. Other times, a text message or even a phone call.

As the Royal Canadian Mounted Police (RCMP) says on its E-mail Fraud / Phishing page, "Be suspicious of any email or text message containing urgent requests for personal or financial information."

It's good advice. Here's what to do if you're hearing this too late and you think you might have been tricked into divulging important information, specifically your login and password information, in a phishing attempt.


Change Your Password

1. Go to the affected institution's login page by entering the URL directly into your browser's address bar.

2. Log in to your account.

3. Find the link to change your account password. Typically, this option is found under Account or Security – links which should be visible on the front page.

4. Change your password to something secure and completely different from the phished password.


Contact the Affected Institution

Pick up the phone. If it's your bank account that may have been compromised, you can call the number on the back of your client card (ATM card). Tell the person on the phone you want to report a security breach on your account. For PayPal or other sites, search, for example, for "PayPal report phishing" to figure out whom to contact.


Contact the Credit Bureaus

The RCMP suggests you call Equifax and TransUnion Canada to report that your important personal details may have fallen into the wrong hands. These credit bureaus will place fraud alerts on your credit reports to give you a measure of protection.


Report It

The RCMP also advises contacting your local police to make them aware of the phishing attempt.


Watch Out

Keep an eye on any affected accounts for suspicious transactions, log-in attempts and so on. If you don't already, comb over your bank and credit card statements to ensure nothing is amiss. You can also get credit reports regularly to make sure no new accounts have been opened or debts accrued in your name.


ALSO SEE:

Video: The Dos and Don'ts of Tech Security

Tips and Tricks for Protecting Your Password

Keep Your Smartphone Safe and Sound