In the first two parts of this blog series, we examined the different methods used in the creation of spear-phishing attacks. If you didn’t have the chance to read our blogs and have clicked on a malicious link, there is no need to worry: you are far from being the first. In fact, 97% of people are unable to identify one.[1] Spear-phishing emails have an open rate of 70%. With 50% of recipients clicking on an attachment or link, users are 10 times more likely to make this mistake than with generic phishing emails.[2]

Studies show that detection and reporting are the main issues when an organisation is targeted by a phishing attack. It can take up to 50 days from the discovery of an attack until it is reported, which represents a huge risk for organisations.[3] The sooner these attacks are detected, the better. To help limit the damage, follow these simple but essential steps.

Inform your IT Team

It is essential to inform your supervisor and the IT team about the phishing attack. Before doing anything else, allow the IT team to perform security processes such as scanning the system for malware and removing any potential threats that could have compromised your device. The IT team will then notify your colleagues and make sure this won’t happen again.

Keep Calm and Cybersecure

Keep in mind that falling for a phishing email doesn’t always imply that your personal information has been compromised. Phishing attacks are not all the same, and your response depends on the type of attack. If you clicked on a malicious attachment, the best thing to do is to disconnect your device from the internet and turn off Wi-Fi. This will prevent the attacker from installing malware, which can spread through the system.

Change your Credentials

If you clicked on a link and entered your details on a spoofed website, it is important to immediately log in to your account on the legitimate website and change your credentials. You might need to report the phishing attack to the impersonated organisation, especially if financial information is involved. If you used the same password on more than one account, make sure to change it on the other online accounts too. For more information, see our blog on password security here.

Back up your Files

The next step is to back up all documents, as they can be erased when recovering from a phishing attack. Any information which is owned by your organisation is your organisation’s responsibility to back up. However, it is your responsibility to save your work data to the correct location. This can be done by using a separate storage device such as an external hard drive, or by saving your information remotely as a cloud backup.

Increase your Security Awareness

While 99% of installed network security systems are unable to stop a sophisticated spear-phishing email[4], investing in cybersecurity training remains the best option to prevent these threats from happening again. Given the level of sophistication of spear-phishing attacks and the potential damage that they can cause, preparedness and prevention are foundational measures that should be employed to minimise risk.

Instead of waiting for an attack to happen, it is in every organisation’s interest to educate its employees about information security practices and mitigate threats.

*Many organisations have their own procedures regarding breaches, back-ups and the general handling of a phishing attack. Please consult with the relevant parties within your organisation before taking any action.

If you believe that there has been a breach of personal data, please seek further information about procedure responsibilities from the Information Commissioner’s Office.


[1] https://www.comtact.co.uk/blog/phishing-statistics-2019-the-shocking-truth

[2] FireEye, Inc. Spear Phishing Attacks - Why They Are Successful and How to Stop Them

[3] https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/813599/Cyber_Security_Breaches_Survey_

[4] https://www.vadesecure.com/en/spear-phishing/