Tapped a Scam SMS Link? Your Urgent Action Plan

Receiving a text message that looks like it's from a trusted organisation such as Australia Post, MyGov, Toll, or Linkt is common. These SMS phishing scams are designed to trick you into clicking a malicious link and divulging personal information. If you've found yourself in this situation, it's natural to feel worried. This guide outlines the immediate, practical steps you need to take to protect yourself.

Step 1: Disconnect and Secure Your Device

The very first thing to do is to disconnect your device (phone or computer) from the internet. This could be by turning off Wi-Fi, switching to airplane mode, or unplugging your ethernet cable. This stops any further malicious activity from the page behind the scam link, if that page is still active or trying to install malware.

After disconnecting, run a full scan with reputable anti-virus or anti-malware software on your device. Look for any suspicious apps or software that may have been installed without your knowledge. If anything is found, follow the software's instructions to remove it immediately.

Step 2: Change Passwords – Starting with the Most Critical

If you entered any login credentials, financial details, or personal information after clicking the link, assume those details are compromised. Your next critical step is to change passwords for any affected accounts.

Prioritise your most sensitive accounts first: your primary email, banking apps, MyGov, and any other services where you might have reused passwords or entered information on the scam site. Use strong, unique passwords for each account and enable multi-factor authentication (MFA) wherever possible. This adds an extra layer of security, making it much harder for cybercriminals to access your accounts even if they have your password.

Step 3: Notify Your Bank and Monitor Financial Accounts

If you entered any banking details, credit card numbers, or other financial information, contact your bank or financial institution immediately. Explain the situation and follow their advice. They may suggest cancelling your card and issuing a new one, or placing a temporary hold on your account.

Regularly monitor all your financial accounts and credit statements for any unauthorised transactions. Set up transaction alerts with your bank if you haven't already. Early detection is key to limiting financial loss.

Step 4: Report the Scam and Get Support

Reporting the scam is vital, not just for your own protection but to help authorities track and disrupt these criminal operations. Forward the suspicious SMS to 0429 999 888 (the ACCC's Scamwatch service for reporting scam texts). You should also report it to ReportCyber. This national service helps coordinate responses to cybercrime.

Dealing with a scam can be incredibly stressful and confusing. If you're feeling overwhelmed, remember that KNOMI is who you call when something goes wrong online. We can help you navigate the aftermath, offering clear, expert guidance and assisting with recovery steps. Organisations like IDCARE also provide free support for identity theft and cybersecurity incidents.

Essential reporting and support:

  • Forward the scam SMS to 0429 999 888.
  • Report the incident to ReportCyber (cyber.gov.au/report).
  • Contact IDCARE (idcare.org) for free identity support.
  • Reach out to KNOMI for expert cyber incident response.

Step 5: Stay Vigilant and Learn for the Future

Even after taking these steps, remain vigilant. Scammers who have successfully phished you once may try again, using similar tactics or escalating their efforts. Be wary of any unexpected communications, especially those asking for personal information or immediate action.

Educate yourself on common scam indicators: poor grammar, urgent requests, generic greetings, and suspicious links (hover over links on a computer, or long-press on a phone, to see the real URL before clicking). Remember, legitimate organisations will rarely ask for sensitive information or instruct you to click a link via an unsolicited text message or email. This experience, while challenging, is an opportunity to strengthen your digital resilience for the future.

Frequently asked questions

What's the very first thing I should do if I clicked a scam SMS link?

Immediately disconnect your device from the internet (Wi-Fi, mobile data, or ethernet) to prevent any further malicious activity, and then run an antivirus scan.

Which passwords should I change first after a scam link incident?

Prioritise your primary email, banking, and MyGov accounts, or any other accounts where you entered credentials on the scam site. Use strong, unique passwords and enable multi-factor authentication.

Should I report a scam SMS if I only clicked the link but didn't enter details?

Yes, always report scam SMS messages. Forwarding it to 0429 999 888 (Scamwatch) and reporting to ReportCyber helps authorities track and combat these threats, even if you weren't fully compromised.

How can KNOMI help me after I've clicked a scam link?

KNOMI provides expert guidance and support for navigating the aftermath of a cyber incident like clicking a scam link. We can help you understand the risks, secure your accounts, and ensure you take all necessary recovery steps.

How can I tell if an SMS from Australia Post or MyGov is legitimate?

Legitimate organisations like Australia Post or MyGov will rarely ask you to click a link in an SMS to update details or pay a fee. Always go directly to their official website by typing the URL into your browser, or use their official app, instead of clicking links in unexpected messages.