What should I do immediately after clicking a phishing link?

First, disconnect from the internet — turn off Wi-Fi or unplug your ethernet cable. Do not enter any more information on the page that appeared. Then change your email password immediately from a different device, turn on multi-factor authentication, and check your email forwarding rules for anything suspicious.

I clicked a phishing link but didn't enter anything — am I safe?

Probably yes, but follow the precautionary steps anyway. Some links attempt to run code automatically, though this is less common on updated devices. Disconnect from the internet, check your device for unusual activity, and run a malware scan. If nothing unusual appears in the next 24 hours, you likely avoided any damage.

I entered my password after clicking a phishing link — what now?

Change that password immediately on every account where you use it. Then turn on multi-factor authentication so that even a compromised password can't be used to log in. Watch for password reset emails you didn't request and unusual activity in your accounts over the next 48 hours.

How do I stop phishing attacks happening to my business?

The three most effective defences are multi-factor authentication on every account, a habit of pausing before clicking unexpected links, and knowing where your business stands on the basics. Multi-factor authentication is part of the Australian Signals Directorate's Essential 8 framework — one of the most effective controls for stopping phishing from causing lasting damage.

How do phishing emails trick people?

Phishing emails impersonate trusted brands — the ATO, CommBank, Australia Post — and create urgency to make you act before you think. They replicate real visual designs with surprising accuracy. The mechanism isn't technical sophistication — it's time pressure. Slowing down and verifying before clicking is the most effective defence.

I Clicked a Phishing Link. What Do I Do Right Now?

First: stop. Close the browser tab if it's still open. Take a breath.

You haven't necessarily lost anything yet — but the next ten minutes matter.

Most phishing attacks fail because people act quickly once they realise something is wrong. You're already doing that.

Phishing links are designed by professionals whose only job is to make them convincing. Clicking one doesn't make you careless. It makes you human. What you do in the next hour is what counts.

Here's exactly what to do.

What To Do If You Clicked a Phishing Link

1. Disconnect from the internet.
Turn off your wifi or unplug your ethernet cable. Do it now, before you read the rest of this. This prevents any malicious software from communicating with an attacker while you work through the next steps.

2. Do not enter any more information.
If a page appeared after you clicked — asking for a password, banking details, or personal information — do not type anything. Close it. Note what the page was asking for, because that tells you how urgent the next steps are.

3. Change your passwords immediately.
Your email password first. That is the master key. Everything else follows from there. Then any account where you use the same password. Do this from a different device if possible. Your phone is fine.

4. Turn on multi-factor authentication.
If MFA isn't already on your email, turn it on now. A scammer who has your password still can't get in without the second code sent to your phone. Five minutes to set up in Gmail or Outlook. Non-negotiable after today.

5. Check your email forwarding rules.
This is the step most people never check. Which is precisely why it works. Phishing attacks often quietly install a rule that copies everything you receive to an attacker's address. Go to your email settings → Forwarding → delete anything you didn't create yourself.

6. Call your bank if you entered financial details.
Fraud teams move quickly when contacted early. If you typed any banking information into a page after clicking the link, call your bank now. Not tomorrow. Now.

7. Tell someone who can help.
If you have an IT person, call them. If you don't — WISE ASSIST exists for exactly this situation. It's the support service built for the moment something goes wrong.

What Actually Just Happened

Phishing is when a scammer sends you a link designed to look legitimate — a bank security alert, an ATO tax notice, an Australia Post delivery update — that leads to a fake page built to steal your information or your access.

It works because it exploits urgency, not stupidity. Keep that in mind.

The outcome depends on what you did after clicking:

You clicked but didn't enter anything — low risk. Follow the steps above anyway. Some links attempt to run code automatically, though this is less common on updated devices.

You entered a password — moderate risk. Change that password immediately across every account where you use it. Turn on MFA. Watch for unusual login activity over the next 48 hours.

You entered financial or personal details — high risk. Call your bank immediately. Consider placing a fraud alert with your financial institution. Act fast — this is the scenario where speed matters most.

Phishing is the most common entry point for cybercrime in Australia. You are not alone in this moment — you're just handling it correctly. It's also the entry point for invoice fraud — something we cover in detail here.

How to Tell If It Worked

In the next 24 hours, pay attention. Not with alarm — with curiosity. Here is what would indicate the attack found something it wanted.

Password reset emails you didn't request. Someone may be trying to lock you out of your accounts.

Contacts telling you they received strange messages from you. Attackers use compromised email accounts to send phishing to your entire contact list immediately — while you're still distracted by the original attack.

Unusual account activity or unexpected transactions. Check your banking app and any connected payment platforms.

Emails appearing in your Sent folder that you didn't write. Check it now, and again tomorrow.

If you suspect a file was downloaded when you clicked, run a malware scan. Malwarebytes has a free version. It's not perfect but it's a reasonable first check for a non-technical business owner.

When in doubt: change the passwords, call the bank, and get support.

Why This Happened — And How to Stop It Happening Again

Phishing emails are built to beat your instincts. They use real brand names — ATO, CommBank, ANZ, Australia Post — and replicate their visual design with uncomfortable accuracy. They create urgency: "Your account will be suspended." "Action required by today." Urgency bypasses caution. That's the entire mechanism.

The three most common phishing triggers targeting Australian small businesses right now: ATO impersonation, bank security alerts, and fake invoice or delivery notifications. All designed to make you act before you think.

I rarely click them — not because I'm extraordinary, but because I know what to look for. So should you.

What actually stops phishing isn't paranoia. It's three things: MFA on every account, a habit of pausing before you click anything unexpected, and knowing where your business actually stands on the basics.

MFA is one of the eight controls in the Australian Signals Directorate's Essential 8 framework — the government's own tested and recommended set of protections for Australian businesses. The others address the gaps that phishing exploits once it gets in.

Most small businesses know the Essential 8 exists. Most don't know where they stand against it. That gap is exactly where incidents happen.

Find Out Where You Stand

I've seen what happens when businesses discover their gaps after an incident rather than before it. The assessment costs $149. The average incident costs $55,000.

I suggest you find out before something goes wrong.

The Essential 8 Gap Assessment takes 20-30 minutes. You get a clear, personalised report — which areas you're covered on, where the gaps are, what to fix first. $149. Fully online. Written for business owners, not IT professionals.

No sales call. No jargon. Just your score.

Start the Essential 8 Gap Assessment — $149 →

Secure checkout. Australian owned. Report in minutes.

And if something has already gone wrong — WISE ASSIST is the support service built for exactly this moment. Not just after the incident. During it.

Stay protected, my friends.

— The Most Secure Man Alive