What to Do if You Click on a Phishing Link on Mac

Phishing is a practice that is as old as the internet itself. As we have become increasingly web savvy, we have all become less susceptible to classic scams stating we’ve won a free iPhone or ten million Ugandan dollars. Because of this, online scams have become more sophisticated and harder to detect, which makes many people concerned about their safety online.

Google has stated that they managed to block 99.9% of all phishing scams successfully, but despite this, some still fall through the net. It’s estimated that over 326,000 people were victims of phishing scams in 2021 alone. So although the web is much safer now than it once was, it’s still incredibly important to be cautious online.

Before we start:

 

One of the most popular methods of phishing is the posting of fraudulent adverts. Over the next five years, it’s projected that worldwide digital ad fraud losses will grow from $88 billion in 2023 to $172 billion by 2028. This means that in our increasingly online age, it’s imperative to protect yourself from dodgy ads in order to stay safe online.

 

Fortunately, MacKeeper’s built-in StopAd feature can protect you from advertising scams by blocking all ads as you surf the net, making for a more convenient, secure way to browse the web in privacy.

 

To enable StopAd on your Apple device:

1. Download MacKeeper.
2. Select StopAd from the side menu and click Open.
3. Select the web browsers you’d like to block ads on.
4. Select Enable/Install and follow the on-screen instructions to enable StopAd.

What is phishing in cybersecurity

Phishing is a method of fraudulence used by online scammers. Phishers feign legitimacy by pretending to be a company you can trust and then convince victims to install malicious software or to hand over personal identity information, such as logins, passwords and bank details. To find out more about the types of phishing, check out the article on our blog.

How to know if you accidentally clicked on a suspicious link on Mac

As phishers are actively attempting to defraud you, they can often be very difficult to identify. Some people will find themselves the victim of a phishing scam and not even realize that they’ve clicked on a fraudulent link. So, here’s how you can find out if you’ve accidentally clicked on a suspicious link before it’s too late:

1. Pay attention to the browser warnings
2. Recognize who sent you the link
3. Red flags of phishing in content
4. Hefty offers

1. Pay attention to the browser warnings

Phishing has been a problem since the dawn of the World Wide Web, and as such, web browser companies have been trying to protect you from scams by flagging suspicious websites. These alerts appear as full-screen warnings before connecting you to the suspicious website.

2. Recognize who sent you the link

Spam emails are the most common method scammers use to send suspicious links. If you’re wondering what spam is, find out more in our handy blog piece. You can often spot a suspicious link by reading the URL, which will likely not be the same as the website of the company they are pretending to be. Before clicking on a received link, look at the sender’s email address. This should match the domain of the website. For example, if an email address ends in “@apple.com” you will know that the sender actually works at Apple.

3. Red flags of phishing in content

Phishing scams usually employ an urgent tone, suggesting that if you don’t act now, you’ll miss out. This is to convince you to click on a suspicious link without checking who sent it first. Bad spelling or grammar is another red flag that you’ve been sent a suspicious link, so be sure to read closely to identify a scam.

4. Hefty offers

Another way to easily identify a phishing scam is if someone is asking for your bank details. Scam emails often try to phish bank details off their victims by saying they are due a payout—a refund or a fake competition win. They also try to get your bank details by offering huge, unrealistic discounts on expensive goods or state that you’ve been issued with a fine.

To find out more about banking scams, read our article about the infamous Apple ID scams. These scammers prey on FOMO, so the most important thing to remember when avoiding a scam is that if something is too good to be true, it probably is.

What to do if you accidentally click on a suspicious link

If you accidentally click on a suspicious link on a Mac, the very first thing you should do is close down the webpage and quit your browser. This will ensure that the internet connection between yourself and the scammer is ended instantly and will protect you from being phished further.

It’s very easy to panic, but the best thing to do is to stay calm and be proactive. Think about what personal information you’ve provided to the scammer. For example, if you haven’t provided any banking credentials, you won’t need to contact your bank.

There are many ways to protect yourself after clicking on a suspicious link:

1. Turn the internet connection off on your Mac
2. Contact your bank
3. Back up your data
4. Scan macOS with an antivirus
5. Change credentials
6. Contact verified tech support
7. Warn family and friends

1. Turn the Internet connection off on your Mac

If you think you clicked on a bad link on Mac, and that your security has been compromised, you should immediately disable your internet connection to protect yourself. Should you be using a wired connection, simply unplug your Ethernet cable to disconnect from the internet immediately. For mobile devices, simply turn on Airplane Mode. If, like most of us, you connect to the internet using Wi-Fi, follow the steps below:

1. Open Launchpad and open the System Preferences app.
2. Select the Network icon in System Preferences.
3. Click Turn Wi-Fi Off.

2. Contact your bank

Most phishing scams will, at some point, ask for your bank details or credit card number. If you have accidentally provided sensitive bank credentials to a scammer, it is vital that you contact your bank as soon as possible to prevent money being taken from your account. Your bank will then be able to flag any suspicious transactions and protect your finances.

Some banking apps also offer a feature to disable or freeze your card immediately, which is an ideal thing to do if you accidentally provide your credit card number to a scammer. In the event that money has been taken from your account, many banks offer fraud protection and may be able to refund the money taken from you. A good rule of thumb is that the sooner you contact your bank, the sooner you will be safe from the phisher.

3. Back up your data

To back up your data using Time Machine, you have to make sure your external drive is formatted in either APFS or macOS Extended (Journaled). Then, open the Time Machine menu in System Preferences, and select your drive to back up your files.

For more details, see our below step-by-step guide:

1. Ensure your external drive is formatted to APFS or macOS Extended (Journaled). To find out how to do this, check out our guide on how to use Time Machine.
2. Open System Preferences and select the Time Machine icon.
3. Click Select Disk.
4. Select the external drive you want to use for your backup, and hit Use Disk.
5. Tick the Back Up Automatically box to back up whenever your external drive is connected to your Mac.

Hint from our experts: Some phishing scams install spyware on your computer, which can harvest your personal data and observe your keystrokes to steal your passwords. If your MacBook is compromised, it’s wise to back up the important files on your device using macOS’s Time Machine feature.

4. Scan your macOS with an antivirus

If you click on a phishing link on Mac, there’s a risk of catching one of the most dangerous types of malware—spyware—allowing a phisher complete access to a hacked MacBook. Fortunately, you can detect and protect malware easily using an antivirus software like MacKeeper. For this, follow these steps:

1. Download MacKeeper.
2. Select Antivirus in the side menu, and click Launch Antivirus.
3. Click Next to enable the maximum, real-time protection.
4. Follow the on-screen instructions to allow Antivirus protection to launch.
5. Click Start Scan and MacKeeper will automatically locate and protect against any virus threats.

5. Change credentials

If you click on a scam link on Mac, it’s possible that your login credentials for various online accounts could now be compromised. You should immediately look to change all of your passwords as scammers harvest user data like your passwords and sell them to others online. You can automatically check which of your passwords have been compromised using MacKeeper’s ID Theft Guard:

1. Download MacKeeper.
2. Select ID Theft Guard from the side menu.
3. Enter your email address, and click Start Scan.
4. Verify your email address using the code emailed to you.
5. MacKeeper will then display all of your passwords that have been compromised in hacks or data leaks.

6. Contact verified tech support

Many phishers try to scam their victims by pretending to be tech support, and will try to convince you to install software to remove viruses that you don’t actually have. So, if you need support, you should use a reputable service. Find out how to use the tech support in MacKeeper’s Premium Service below:

1. Download MacKeeper.
2. Click Ask an Expert in the top right corner.
3. Type in the question you need answering into the live chat box, and get immediate support and advice.

Note from our team: 

 

It’s always worth remembering that tech support will never just contact you out of the blue. Fake tech support companies are a dime a dozen, and can often appear high up on Google search rankings despite being cowboy outfits. So, if you require tech support, use a reputable company. MacKeeper’s Premium Service offers 24/7 support, works 365 days a year, and it has been fully notarized by Apple so that you can trust us as a safe and verified application.

7. Warn family and friends

In the unfortunate event that you have been phished, and your personal data has been compromised, it’s incredibly important to warn your family and friends about the scam you’ve faced.

What for? If you’ve been phished, the hackers will potentially have access to your contact list and may attempt to pull the same scam on your loved ones. Hence, by warning your close ones about the phishing accident, you protect your family and friends so that they won’t get scammed as well.

How to avoid suspicious links on Mac

Defending yourself against suspicious links on your Mac is the best way to protect yourself online, and this will be much easier if you know exactly what to look for when attempting to identify a phishing attack. Start with the three major prevention methods first:

1. Don’t give anyone your personal information on the Internet
2. Don’t subscribe to the unknown calendars
3. Don’t download suspicious software
4. Stay safe with our top tips

1. Don’t give anyone your personal information on the Internet

Most phishers impersonate a real company in order to feign legitimacy, such as in the notorious iforgot.apple.com scam. Scammers do this in order to pry sensitive information from you without you realizing it. It’s always worth approaching any email with skepticism initially and going through our above checklist to ensure a link is legitimate.

The most important thing to never give away to suspicious parties is your bank details. A good way to check if a website is secure is by looking at the URL in your web browser. Secure websites should begin with https://. The ‘s’ in https stands for ‘secure’—and any website that doesn’t feature it, and instead begins with http:// isn’t secure, so you should never provide personal information on that website.

2. Don't subscribe to unknown calendars

Another increasingly common method scammers are using to phish new victims is to send bogus calendar invitations. These notifications are typically sent to your email inbox and ask you to accept, decline, or respond with. It’s important not to click either of these options, as this will let the scammers know that your email account is real. They’ll then flood your calendar with scam links offering free iPhones or discounts for malicious software.

Instead, you should report the suspicious emails as phishing scams within your mail app, which you can do by clicking the report phishing option in your inbox. This will not only protect you from further emails from this scammer but prevent these emails from being sent to others who may not be as savvy as you.

3. Don't download suspicious software

To prevent suspicious software from appearing on your MacBook, make sure you download any apps from trusted sources, such as an official website or the App Store. You should also avoid installing pirated software, and never download apps from links in an advert or that are sent to you over email or SMS.

Important note: There are certain apps that you can trust by looking for reviews online. For example, MacKeeper is a verified company on Trustpilot, and has an excellent user rating of 4.5 out of 5. It’s safe to download apps that are well-reviewed on reputable sites, or that are notarized by Apple. So if you aren’t sure about an app, google it and check that it’s safe before installing it.

4. Stay safe with our top tips

However, the previous list isn’t full; it’s just for the beginning. Now, let’s discuss some other ways you can identify and avoid phishing links online:

1. Make sure the URL of a link you are sent looks like the real website.
2. Check the sender’s email address to ensure they are from the company they say they are from.
3. Remember that tech support will never approach you out of the blue without prior contact.
4. Be skeptical if you receive an email with poor spelling and grammar.
5. Use MacKeeper’s StopAd feature to block any phishing adverts.
6. Be suspicious of any ads or emails offering cash sums or excessive discounts.
7. Always remember, if something sounds too good to be true, it probably is.

The above image shows an example of a real phishing email, which was flagged by Gmail. The scammers are posing as government officials, trying to convince a potential victim that they’re entitled to money. This is a textbook example of a phishing scam, where there are nonsensical email addresses and dodgy URLs. Furthermore, the provided link is insecure, and there are spelling errors at the end of the email.

Don’t fall through the net

After reading this comprehensive guide, you should now be a pro at identifying phishing attacks and will be able to protect yourself from suspicious spam emails or from installing bogus software. Remember to check URLs and email addresses, and be suspicious of anything that sounds too good to be true.

To stay secure online, look no further than MacKeeper. Its built-in Antivirus helps to automatically detect and remove malicious software from your Mac with ease, and it’s constantly updated to identify the latest threats in cyberspace. What’s more, MacKeeper has various privacy features such as VPN Private Connect to hide your activity from prying eyes, ID Theft Guard to give you control over your personal data, and the invaluable StopAd tool that protects you from annoying pop-ups and phishing ads online.