JeykiTech
Back to all guides
PhishingPersonal securityIncident response

Clicked a Phishing Link on Your Phone? What to Do Right Now

A practical step-by-step response plan for iPhone and Android users who clicked a phishing link, entered information, or installed something suspicious.

Published 2026-06-11 · Updated 2026-06-11

What matters first after clicking the link

Opening a phishing page is not the same as handing over the account. The first question is what happened next: did you only load the page, enter a password, approve a sign-in request, give a verification code, or install a profile or app?

If you entered credentials, change that password from a known-safe device

If you approved MFA or gave a code, treat the account as actively at risk

If you installed anything, check for new apps, device profiles, or browser permissions

Contain the exposure before you start cleaning

Containment beats random cleanup. Sign out other sessions where possible, change recovery details, and work through the accounts tied to the same email or phone number so the attacker cannot pivot.

Start with email, because it controls resets for everything else

Review bank, Apple ID, Google, and social accounts connected to the same device

Take screenshots of suspicious messages or websites before they disappear

When to get hands-on help

If you are locked out, seeing unfamiliar sign-ins, getting repeated MFA prompts, or worrying that something was installed on the device, it helps to treat it as an incident instead of a checklist. The goal is to figure out what actually changed, what is still exposed, and what needs to be locked down in the right order.

Frequently asked questions

What if I only opened the phishing page and did not type anything?

That is usually less serious than entering data or installing something, but you should still check the URL, clear the tab, and think through whether the page triggered a download, permission prompt, or fake login flow.

Do I need to factory reset my phone after every phishing link?

No. A reset is not the default answer. The right response depends on whether credentials were entered, whether anything was installed, and whether you are seeing device-level symptoms that point to a deeper compromise.

Should I change my bank password if the phishing text was not about banking?

Change it if the same password was reused anywhere, if the phish collected payment details, or if your email account may have been exposed. Email compromise often matters more than the decoy topic of the text itself.