Ad Scams • Recovery

Clicked a Scam Ad? Do This Now

The right response depends on what happened next: clicked only, entered credentials, downloaded software, or submitted payment information.

Start Ads Training Browse Ads Articles
Quick takeaway
If you typed a password or payment information, act immediately: change credentials and call your bank.

Verified by GonePhishing.com

Step 1: Identify what happened

Not every accidental click causes the same risk. Your next steps depend on whether you only opened the page, typed information, downloaded something, or completed a payment.

If you only clicked and closed the page

  • Close the tab immediately.
  • Do not interact with any popups or download prompts.
  • Watch for follow-up emails or texts that continue the scam.
  • Consider running a quick browser and device security check.

If you entered a password

  1. Change that password immediately.
  2. Change it anywhere you reused the same password.
  3. Enable multi-factor authentication if it is not already enabled.
  4. Review recent login activity and authorized devices.

If you entered a one-time code or MFA code

  1. Assume the attacker may have been trying to log in in real time.
  2. Change the password immediately.
  3. Review recovery email, phone number, and MFA settings for changes.
  4. Log out of other sessions if the service allows it.

If you downloaded or installed something

  • Disconnect from the internet if you suspect malware.
  • Run a trusted security scan.
  • Remove suspicious extensions, downloads, or apps.
  • Update your operating system and browser.

If you entered card or payment information

  1. Call your bank or card issuer using the number on your card.
  2. Report the transaction or attempted fraud.
  3. Freeze or replace the card if needed.
  4. Monitor transactions closely for follow-up fraud.

If you sent money

  • Contact your bank or payment provider immediately.
  • Report the fraud to the platform used for payment.
  • Save screenshots, receipts, and confirmation emails.
  • Report the scam through official reporting channels.

How to prevent repeat attacks

  • Do not click ads for logins, downloads, or support pages.
  • Type important websites manually or use bookmarks.
  • Verify domains before signing in.
  • Use different passwords for different accounts.

Related articles

FAQ

Can I get hacked just by clicking a scam ad?

Sometimes a click only opens a page, but the risk increases if you downloaded software, entered credentials, or submitted payment information.

What should I secure first?

Start with your email and any financial accounts, especially if you reused passwords or typed login information.

Should I change my passwords even if I’m not sure?

If you entered a password on a suspicious page, yes. It is safer to change it immediately than wait.

Practice Ad Scam Defense Use Scam Lookup