I accidentally clicked a link in a suspicious email that looked like it was from my bank. I may have entered my login info. What should I do?
Time is critical — take these steps in order right now. First, go directly to your bank's real website (type the URL yourself, do not use any link from that email) and change your password immediately. If you cannot log in because the attacker already changed your password, call your bank's fraud department immediately — the number is on the back of your debit or credit card. Tell them you suspect unauthorized access and ask them to freeze your account temporarily. Second, enable two-factor authentication on your bank account if it is not already on. Third, check your recent transactions for any you did not make and report them to the bank. Fourth, change the password on your email account too — if the attacker has your email password (especially if you use the same password for multiple sites), they can intercept password reset emails from your bank. Fifth, run a malware scan on your computer with Malwarebytes to check for any keylogger or malware that the phishing link may have installed. Sixth, check your credit report at annualcreditreport.com over the next few weeks to watch for new accounts opened in your name. Consider placing a fraud alert or credit freeze through the three credit bureaus (Equifax, Experian, TransUnion) as an extra precaution.
Need personalized advice? Chat with an expert for $3.
Our verified experts will provide personalized advice for your specific situation.
Average response time: under 2 minutes · Money-back guarantee
Chat with an Expert — $3 →
