1. TAKE A DEEP BREATH.

Phishing schemes have become increasingly sophisticated, so don’t beat yourself up if you fall for one. Take a few deep breaths to calm down, clear your head, and plan your next steps. Remember that falling for a phishing scheme doesn’t necessarily mean that your identity will be stolen. Phishing schemes vary, so what you’ll do next depends on what kind of phisher targeted you.

• If you downloaded a fraudulent attachment, turn off Wi-Fi and disconnect from the internet, stat. If you remove the phisher’s access to your computer quickly enough, you may be able to stop the phisher from installing malware or gaining remote access to your computer.
• If you clicked on a link to a fraudulent website, try to remember exactly what information (username, password, address) you entered. Take screenshots of the phishing email or jot down details such as the sender’s email address, the content of the email, and the URL that you clicked.

2. CHANGE YOUR PASSWORDS.

If you clicked a link that directed you to a site that appeared to be your bank, email service, or social media account, for example, log in to the real site and change your password. If you use the same password for multiple accounts—which you shouldn’t do—change the passwords for the other accounts as well. Take the extra time to change any password hints or security questions, and take a look at your profile or recent activity to see if the phisher did any damage or made any purchases using your account.

• LA Film School Student Password Reset

3. CONTACT THE HELPDESK.

Report the phishing scheme to the IMT Helpdesk. Let us know that you have changed your password or not. If you provided financial information, you may need to cancel your existing card and get a new one. Additionally, if you want to help other people avoid phishing scams, you can report the details of your experience to the Anti-Phishing Working Group or the FBI’s Internet Crime Complaint Center. If you have created a signature to appear when you compose a new email, or even if you have not, you will want to check this option within the email system you are using. i.e. webmail/Gmail, etc. We have found that signatures may get compromised. Sometimes when your account is compromised, your email signature, filters, rules, and forwarding settings may be modified.  If you need assistance on where to locate these options please, email us at helpdesk@lafilm.edu.

• If your LA Film email has been locked, please call the IMT Helpdesk (323.769.2220)

4. SCAN YOUR COMPUTER FOR VIRUSES.

Whether you downloaded an attachment or clicked on a link, it’s a good idea to scan your computer for viruses and malware. Anti-virus software can examine your computer, alerting you to any files that may have been infected. Here are some links to highly-rated Anti-Virus software you can download and install for FREE:

• Avast Security for Mac
• Avast Security for Windows
• Malwarebytes for Mac or Windows

5. WATCH OUT FOR WARNING SIGNS OF IDENTITY THEFT.

If you’ve revealed any financial information or other sensitive data like your Social Security number, you need to watch for signs of identity theft. First, keep a close eye on your bank and credit card statements, looking for any withdrawals or purchases that you didn’t authorize. You can also ask your bank to alert you of any unusual activity. Next, to protect your credit score, notify the three major credit reporting agencies that your information was compromised. Finally, order your credit report from the three agencies to make sure that your reports are accurate and don’t contain new lines of credit (that you didn’t sign up for).

6. FILE A REPORT WITH THE FTC.

If you see signs that your identity has been stolen, report the theft to the Federal Trade Commission (FTC). The FTC will guide you through the steps to take whether your information was stolen from your credit card account, utilities, checking and savings, or medical insurance. You should also place a fraud alert on your credit report to make it harder for criminals to rack up charges using your identity. The alert lasts for 90 days, but you can renew it if you need more time.

7. PROTECT YOURSELF AGAINST FUTURE PHISHING SCHEMES.

Given the time and hassle involved in being a phishing victim, now is the time to take steps to protect yourself against future phishing schemes. Be careful when you check your inbox and pause before opening, clicking links, or downloading files from suspicious emails. If you get an email that looks like it’s from your bank, credit card company, or social media accounts, take a moment to examine it closely. Instead of revealing any personal information, go directly to the website to log in or call the company to determine if the email is legitimate.