What to do if you accidentally entered your login details on a fake website?

Phishing is one of the most common online threats, involving the theft of login details through fake websites. These sites often look almost identical to legitimate ones – they can mimic bank websites, social media platforms, or even corporate login pages. What should you do if you realise you've fallen victim to such a scam?

Why is this important?

Entering your login details on a fake website can lead to:

  • Theft of business or personal accounts – attackers can gain access to your email, corporate systems, or customer data.
  • Identity theft – your personal data could be used for identity fraud or further scams.
  • Using your account for attacks on others – for example, sending more phishing emails from your address.

How to recognise a fake website?

Recognising a fake website can protect you from having your login details stolen. First, always check the URL – fake sites often contain minor typos or unusual domain extensions (e.g., “.info” instead of “.co.uk”). Remember that the genuine website address is the part between the double slashes (“//”) and the next slash (“/”) – for example, in “https://bank-example.co.uk/login”, the real domain is “bank-example.co.uk”. Anything before that part, and anything after the next slash, is not the domain.

Check if the address starts with “https://” and if there is a security padlock, but note that the padlock alone does not guarantee authenticity. Click on the padlock and check the certificate’s issuing authority – it should be an official entity that matches the company's name.
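The two checks above (the real domain is what sits between the “//” and the next “/”, and the address must start with “https://”) can be applied mechanically. The following Python script is an added example, not part of the original article; it uses the standard library's `urllib.parse` to extract the host a browser would actually connect to and compares it to the domain you expect (`bank-example.co.uk`, the article's own example). The sample URLs are constructed for illustration, and `203.0.113.5` is an address reserved for documentation.

```python
from urllib.parse import urlsplit

# The domain the user believes they are logging in to (article's example).
EXPECTED_DOMAIN = "bank-example.co.uk"


def _split(url: str):
    # Treat a bare "bank-example.co.uk/login" as https so urlsplit sees a netloc.
    if "://" not in url:
        url = "https://" + url
    return urlsplit(url)


def real_host(url: str) -> str:
    """Return the host the browser connects to.

    urlsplit applies the article's rule (between '//' and the next '/')
    and also drops any 'user:password@' prefix, so text placed before an
    '@' is never mistaken for the domain.  The result is lower-cased and
    a trailing dot is removed so comparisons are stable.
    """
    return (_split(url).hostname or "").rstrip(".").lower()


def belongs_to(host: str, expected: str) -> bool:
    """True only if host is exactly `expected` or a subdomain of it.

    A plain substring test is not enough: 'bank-example.co.uk.other.info'
    contains the expected domain but is a completely different site.
    """
    expected = expected.lower()
    return host == expected or host.endswith("." + expected)


def assess(url: str, expected: str = EXPECTED_DOMAIN) -> list:
    """Return a list of findings; an empty list means both checks pass."""
    findings = []
    parts = _split(url)
    if parts.scheme != "https":
        findings.append(f"not https (scheme is {parts.scheme!r})")
    host = real_host(url)
    if not belongs_to(host, expected):
        findings.append(f"host {host!r} is outside {expected!r}")
    return findings


# Constructed sample addresses: the first two are genuine, the rest are the
# kinds of look-alikes the article warns about.
SAMPLE_URLS = [
    "https://bank-example.co.uk/login",
    "https://online.bank-example.co.uk/login",
    "http://bank-example.co.uk/login",                        # no https
    "https://bank-example.co.uk.account-check.info/login",    # wrong domain
    "https://bank-example.co.uk@203.0.113.5/login",           # text before '@'
    "https://bank-exarnple.co.uk/login",                      # 'rn' instead of 'm'
]

if __name__ == "__main__":
    for url in SAMPLE_URLS:
        result = assess(url)
        print(f"{'OK ' if not result else 'WARN'} {url}")
        for finding in result:
            print(f"      - {finding}")
```

Running the script prints `OK` for the two genuine addresses and `WARN` with a reason for each of the others. The same two functions can be run against the links in a suspicious email before anyone clicks them.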

Watch out for spelling mistakes and low-quality images – these are common signs of a fake website. If the site asks for personal data or login details in an unusual context (e.g., a contest or account update), it’s safer to exit and manually type the address in your browser. Never click on links sent in unexpected emails or text messages – they might lead directly to phishing sites.

What to do immediately after entering details on a fake website?

  1. Report the incident at work

    • Immediately inform the IT department – even if you think you’ve regained control, the IT team can perform more thorough security checks. They can:
      • Identify the source of the attack and assess the scope of the threat.
      • Scan systems for malware.
      • Temporarily block your account to prevent further breaches.
    • Immediately notify the Data Protection Officer (DPO) to:
      • Assess whether the incident needs to be reported to the ICO and conduct a risk analysis.
      • Coordinate remedial actions, including notifying individuals whose data may have been compromised.
      • Ensure proper documentation in line with GDPR requirements, including incident details, actions taken, and preventive measures.
  2. Change the password on the compromised account

    • Go to the real website of the service (e.g., bank or email) and change your password immediately.
    • If you used the same password elsewhere, change it on all other accounts as well.
  3. Check your account security settings

    • Logins and sessions: Check recent logins and active sessions – log out of any you don’t recognise.
    • Email addresses and phone numbers: Ensure no unknown addresses or phone numbers have been added to your account.
    • Forwarding settings: Check for automatic email forwarding to unknown addresses.

Real-life example:

In December 2023, hotel owners received fake booking enquiries containing malware. After infecting the system, the attackers stole login details for Booking.com, created fake listings and phishing sites, and deceived hotel customers. Detailed information about this incident can be found in the CSIRT KNF report.

Summary

If you entered your details on a fake website, act quickly – report it to your company, change your password, and check your account security settings. Your swift reaction can prevent data theft and serious consequences. However, the best defence is caution – always check the website address and security certificate before entering any information.
