What to do if you've responded to a phishing scam

Published: September 14, 2006 | Updated: May 7, 2008
**
Related Links
Install Anti-Phishing Protection in your browser with Phishing Filter
Recognize phishing scams and fraudulent e-mails
How to handle suspicious e-mail
**
Phishing Respond

If you suspect that you've responded to a phishing scam with personal or financial information or entered this information into a fake Web site, take these steps to minimize any damage.

Step 1: Report the incident to the following authorities

Your credit card company, if you have given your credit card information. The sooner an organization knows your account may have been compromised, the easier it will be for them to help protect you.

The company that you believe was forged. Remember to contact the organization directly, not through the e-mail message you received.

In the United States, the Federal Trade Commission. Report the circumstances to the FTC: National Resource for Identity Theft

You can also report the phishing scam to the Anti-Phishing Working Group and to the FTC at spam@uce.gov.

To report the scam to these groups:

Create a new e-mail message addressed to them and attach the phishing e-mail to the new message.
Note: You can also copy the entire phishing e-mail and paste it in the new message.

Step 2: Change the passwords on all your online accounts

Read Help protect your personal information with strong passwords.
Start with passwords that are related to financial institutions or information.

Step 3: Routinely review your credit card and bank statements

Review your bank and credit card statements monthly for unexplained charges or inquiries that you didn’t initiate.

Step 4: Use the latest products and services to help warn and protect you from online scams

Install the latest e-mail software with spam and anti-phishing capabilities like Microsoft Office Outlook, Microsoft Office Outlook 2003, Windows Live, Windows Live Mail, or others to help identify and warn you about suspicious e-mails.

Install the Microsoft Phishing Filter using Internet Explorer 7. Phishing Filter helps dynamically protect you as you browse the web from Web fraud and the risks of personal data theft by warning or blocking you from reported Phishing Web sites. Learn more about how to install this new technology.

Install up-to-date antivirus and antispyware software. Some phishing e-mail contains malicious or unwanted software that can track your activities or simply slow your computer. Try new anti-virus and PC health software like Windows Live OneCare at onecare.live.com, and to help prevent spyware or other unwanted software, download Windows Defender. To help protect yourself against viruses, read An introduction to computer viruses.

Some phishing e-mail contains malicious or unwanted software that can track your activities or simply slow your computer. To help prevent spyware or other unwanted software, download Windows Defender. To help protect yourself against viruses, read An introduction to computer viruses.