What should you do if you open a phishing email? Learn how to protect your privacy

What happens if you open a phishing email?

In most cases, nothing. Phishing emails work by appearing as emails from legitimate senders but containing malicious content. If attackers try to change the way their emails are sent or front-load their emails with malware or suspicious attachments, email clients are far more likely to flag them as spam or potential cyberattacks, which makes them less likely to land inside their target’s inboxes.

So, if you open a phishing email, there’s no need to panic yet. More sophisticated attackers may glean information about you when you open their phishing emails. These details include your IP address, the operating system (OS) that you use, and your general location. However, these details alone won’t be enough to use it for identity theft or to compromise your security the way that a phishing attack might intend.

4 steps to take after opening a phishing email

Once you open a phishing email, don’t interact with it further. But it’s not a good idea to just close the email and forget about it. Here are the following steps you should take to protect yourself:

1. Mark the email as spam

Marking phishing emails as spam helps an email client like Gmail or Yahoo Mail to identify any attackers, networks, and devices sending out phishing attacks. By marking a phishing email you’ve opened as spam, you’ll be helping increase the level of security for yourself and your organization, and this method is more effective than just unsubscribing.

2. Report the email to your IT department or company

Report phishing to your IT department immediately if you’ve opened a phishing email on a company email account or network. The email could be an attempt to get sensitive data or spread malware on your company’s network. Immediately notifying your IT department becomes crucial, particularly if you work at institutions that handle large volumes of sensitive information, like major credit bureaus. A scammer might try to impersonate your company or a specific individual, and your IT department will be able to tell you if you’ve received a phishing email.

3. Don’t reply or click on links or attachments

Phishing emails often contain suspicious links, ask for information about your online accounts, or have malicious attachments that can target your sensitive information and send you to fake websites. Such URL phishing attacks are relatively common, so make sure to not click on a spoofed link/URL.

4. Delete the email

If you’ve followed all the steps above, delete the email you received immediately. Keeping phishing messages in your email client any longer than necessary increases the risk of accidentally opening them again and clicking on their malicious links or content, which can further jeopardize your safety.

What to do if you click on a link in a phishing email

If you’ve accidentally clicked on a phishing link, here are the following steps you should take:

1. Change your credentials. Changing passwords and other login details ensures that the attackers won’t compromise important data such as information about your bank accounts or your social security details.
2. Scan your device for malware. In some cases, clicking on phishing links can also result in malware being downloaded on your computer. Use anti-malware software to scan your device and don’t do anything online until the issue is resolved.
3. Disconnect your device from a network. This step ensures that the attacker won’t be able to access information on your other devices, potentially opening you up to different types of cyberattacks, and your device won’t spread malware to others.
4. Delete downloads from a phishing email. If you click on a phishing link and it tries to download software or files on your computer, either interrupt the download immediately or delete the files from your computer once the download is complete.

How to recognize phishing email scams

Knowing what to do when you’ve opened a phishing link or clicked a suspicious email is good, but preventing any interaction with them is better. Fortunately, you can watch out for some telltale signs that an email you’ve received may be fraudulent even before you open it.

• Sound of urgency. Phishing emails often encourage you to open or interact with them immediately, often with a false alert or notification from a seemingly legitimate source.
• Misspelled grammar. Like spam emails, phishing emails can contain obvious typographical errors that emails from legitimate senders will not have.
• Check the sender’s email address. Phishing emails will try to imitate the email addresses of legitimate sources. Always check the sender’s email address closely because there might be some errors in the email address.
• Requests for personal information. Phishing messages will ask for information about you, your online accounts, or other sensitive data.
• Unrealistic offers. Any deals, limited-time sales, or free vouchers that request a text message before you can claim them can often lead to phishing scams. Delete the suspicious message immediately.

In most cases, your email client does a good enough job recognizing phishing emails, typically sending them to your spam folder. However, knowing the signs of a phishing email (or using advanced phishing email detection) increases your security.

FAQ

What happens if you open an attachment in a phishing email?

Opening an attachment from a phishing email within your browser will usually have no effect. Since your email client will attempt to display it as is, it’s highly unlikely that simply viewing the attachment will cause any particular harm.

However, the risk becomes significantly higher if your browser auto-downloads images, files, and other attachments from an email (a setting usually turned off by default). Once downloaded or opened on your device, an attachment is more likely to cause damage, triggering anything from keyloggers to malware.

What happens if you open a suspicious email attachment on an iPhone?

Mobile devices follow the same rules as computers or laptops — if you don’t download the attachment and open it on your device, you’re most likely in the clear. However, if you do open an email attachment from a phishing email, you should keep calm and follow the instructions above about downloading an attachment on your mobile device. Delete the attachment, disconnect from the internet, and bring your device to your nearest service center.

Do scammers know that I opened a phishing email?

In most cases, simply opening a phishing email will not endanger you. However, it may give your attacker more information about you, your device, or your internet connection, which they can use to launch more attacks.

What should I do if I keep getting phishing emails?

If you regularly find yourself a victim of phishing attacks, take the following steps to protect yourself:

Check if your email address has been included in a data breach. Email lists can be acquired when attackers hack a large organization and then distribute emails to other attackers.

Call your bank/company/organization. Company-given email accounts are a favorite target since even small breaches can lead to significant opportunities to steal data or attempt scams like identity theft.

Upgrade your protection. Antivirus software bundled with anti-phishing software can scan your email before you open it and protect you from suspicious attachments.

Most importantly, be aware of phishing emails and take action to protect your privacy — in cybersecurity, being proactive always pays off.