Skip to main content
Microsoft 365
Sign in
July 12, 2022

How to Recover from an Email Scam

Almost everyone has been tricked by a phishing email—the common email scam classic. Learn how to recover from being scammed and what you can do to minimize the damage.

What is a Phishing Email?

Phishing emails are social engineering scams designed to trick people. The email may disguise itself as an urgent request from a coworker, a note from a utility company informing you of a past-due bill, or a supposedly funny video linked from a family member to entice you to open it. Almost always, there’s a link inside. You may click on it without even thinking about it because you implicitly trust that the sender is who they say they are.

Your Outlook can change everything Banner
Microsoft 365 Logo

Your Outlook can change everything

Spend less time organizing your life and more time enjoying it with Outlook

Learn more

Steps to Take if You’re the Victim of a Phishing Email

If you think you’ve fallen for a phishing email scam, there are tried-and-true ways to proceed.

Don’t Panic

These types of social engineering scams have become increasingly common and sophisticated. Don’t beat yourself up for clicking a link or opening an attachment. Keep a cool head and take stock of the situation. Not every phishing email results in stolen identity or bank fraud. Your next steps depend on the type of scam you’re dealing with.

Disconnect Your Devices

If you’ve downloaded an attachment from a phishing email, you should disconnect your computer, tablet, or phone from the internet as quickly as possible. A phisher can access your device if it’s connected to an internet network; if you cut off that access, you may be able to stop them from installing ransomware or malware or gaining remote access.

Change Your Passwords

You may have clicked a link that led to a fraudulent website and entered your username and password for that site. Not only should you change your password for the site you thought you visited, but you should reset the login credentials for other accounts like your email account, social media profiles, and financial institutions. If you haven’t already done so, take this opportunity to enable two-factor authentication wherever it’s available and make sure that each account has its own unique password.

Contact the Proper Authorities

One of the most important ways to recover if you get scammed is to report the fraud to any companies that may be involved, as well as to your local government—especially if you think identity theft may be involved.

Report the scam to the company that was spoofed. Phishing scams will attempt to target many victims at once; if the company is aware that these attacks are taking place, it can take steps to protect other customers.

You can help others avoid a similar circumstance by sharing the details of your experience to the Anti-Phishing Working Group or the FBI’s Internet Crime Complaint Center. You should also contact at least one of the three major credit agencies as well as your credit card companies to put a freeze on your credit report and protect yourself against fraudulent charges. It can be difficult to determine exactly what information a scammer has access to, so cover all your bases.

Update & Scan Your Devices

Update the operating system and software on the device where you opened the suspicious email. Up-to-date software and operating systems can act as a first line of defense. Whether you clicked a link or downloaded an attachment, you should scan your device with anti-virus software to check for malware and spyware. If you don’t feel comfortable doing this, you can always enlist a private service to help you.

How to Protect Yourself from Other Email Scams

You might feel a little foolish if you fell for an email scam, but it may change the way you use the internet and make you a little more cautious in the future. Enable two-factor authentication on your accounts and create unique, hard-to-guess passwords. You should also consider the amount of personal information that is readily available to a scammer and take steps to minimize that. If you’ve dealt with ransomware in the past, you may feel more comfortable either completely powering your device off or disconnecting it from the internet when you’re done using it for the day.

Make sure that your sensitive information and files are regularly backed up and use a VPN to securely access the internet.

It can be stressful to recover from an internet scam, but it will make you a more cautious, aware user in the future.

Get started with Microsoft 365

It’s the Office you know, plus the tools to help you work better together, so you can get more done—anytime, anywhere.

Buy Now

Topics in this article

Tags

Privacy & Safety

More articles like this one

Hacker on a laptop
July 24, 2024

CEO fraud: What it is and how to identify it

Identify and stop a CEO fraud attack with these tips. Learn how this scam, sometimes known as whale fishing, is aimed at company executives and how to master CEO fraud detection.

Learn more
Bitcoin logo
June 27, 2024

What is cryptojacking?

Find out what cryptojacking is and how to recognize if your devices have been targeted.

Learn more
Ethernet cables in a port
June 27, 2024

What is a Smurf attack?

Prevent cyber attackers from targeting and overwhelming your computer. Learn what a Smurf attack is and how to prevent it.

Learn more
Robots sitting at computers
June 27, 2024

How to spot bots on social media

Recognize questionable behavior on social media such as off-putting and automated messages. Learn why this behavior may be a sign of social media bots and other indicators.

Learn more
Microsoft 365 Word, Excel, PowerPoint, Outlook, OneDrive, and Family Safety Apps
Microsoft 365 Logo

Everything you need to achieve more in less time

Get powerful productivity and security apps with Microsoft 365

Buy Now

Explore Other Categories