Accidentally clicking a suspicious link can be stressful, but acting quickly can make a big difference. Whether the link was in an email, text message, or fake website, taking the right steps immediately can help protect your account, your computer, and the people you work with. If you’re ever unsure whether a link was malicious, it’s always better to report it than to wait.
1. Change Your Password Immediately
If you entered your password after clicking the link, change it as soon as possible. On a Woods System of Care Windows computer, press Ctrl + Alt + Delete and select Change a Password. Updating your password quickly helps prevent attackers from continuing to access your account. Keep in mind that password changes may take a few minutes to take effect across all systems.
2. Run a Quick Security Check
Woods System of Care uses SentinelOne to help protect company computers. Open the Windows Search bar, type SentinelOne, and launch the application. Confirm that your computer shows a Protected status. While this is a good first step, it only checks the health of your computer. Continue with the remaining steps even if no threats are detected.
3. Report It to IT Immediately
Don’t wait to see if something happens. Contact the Help Desk by phone or submit a ticket through Support.WSOC.me as soon as possible. Early reporting gives IT the best opportunity to secure your account, investigate suspicious activity, and help prevent additional damage. Even if you’re unsure whether the link was malicious, we’d rather investigate a false alarm than respond after an account has been compromised.
4. Shut Down Your Computer
As a precaution, shut down your computer after clicking a suspicious link and leave it off until IT can investigate. This helps prevent any potential malicious activity and allows IT to determine when it’s safe to resume using your device.
5. Warn Your Contacts
If your email account may have been compromised, let your closest coworkers and anyone you recently emailed know what happened. Ask them to ignore any unexpected emails, links, or attachments that appear to come from your account until IT confirms everything is secure. A quick message to those contacts can prevent others from becoming victims of the same attack.
6. Check for Unauthorized Email Rules
Even after you’ve regained access to your account, it’s important to make sure nothing was changed behind the scenes. One of the first things cybercriminals often do after gaining access to an email account is create email rules or enable email forwarding.
Email rules are automatic instructions that tell Outlook what to do with incoming messages. While they’re commonly used to organize your inbox, attackers can abuse them to:
- Automatically delete security alerts or password reset emails.
- Move important messages to another folder so you never see them.
- Mark messages as read to make it appear nothing is wrong.
- Forward copies of your emails to another email address, allowing them to monitor your conversations.
How to Check Your Email Rules
- Sign in to Outlook on the web or the Outlook desktop app.
- Select the Settings ⚙️ icon.
- Choose Mail → Rules (or search for Rules in Settings).
- Review each rule carefully.
- Delete or disable any rule you don’t recognize or didn’t create.
Check for Email Forwarding
While you’re reviewing your settings, also verify that email forwarding has not been enabled.
In Outlook on the web:
- Open Settings ⚙️.
- Go to Mail → Forwarding.
- Confirm that forwarding is turned off unless you intentionally enabled it.
If you discover unfamiliar rules, forwarding addresses, or other account changes, do not delete them until you’ve contacted the Help Desk. These settings can help IT determine how your account was compromised and ensure nothing important is overlooked during the investigation.
Once IT has reviewed your account, they will help you safely remove any unauthorized rules or forwarding settings and confirm that your account is secure.
Comments
0 comments
Please sign in to leave a comment.