What to do if you are a victim of a phishing scam

Phishing is a cyber criminal’s attempt to send you malware or steal sensitive information from you by pretending to be a legitimate sender like a bank, online store or even someone you know. It also happens to be one of the most popular cyber scams out there, which means phishing is very common.

After all, 3.4 billion phishing emails are sent every day.footnote 1

Unfortunately, phishing scams can be easy to fall for if you don’t know how to spot them.

And accidents happen. 18% of Canadians say that they took risks online that threatened their cyber security.Footnote 2

If you become a victim of phishing, here are simple steps you can do to recover and secure your accounts and devices:
  • Change affected passwords

    You should also update all accounts to use strong and unique passwords. Consider using passphrases made of four or more random words and 15 or more characters for extra security.

  • Enable multi-factor authentication (MFA)

    MFA adds an extra layer of security to your accounts and devices. This makes it harder for cyber criminals to access your data, even if they steal your password.

  • Call your financial institution

    If you shared any financial information (like a credit card number), contact your bank. You can recover lost finances and prevent any further losses, while monitoring your transactions.

  • Consider deleting your inactive accounts

    If cyber criminals gain access to your accounts, they can send phishing links to your contact list. Deleting or suspending your inactive accounts may prevent this.

  • Check your device for viruses or other malware

    If there was a suspicious link or attachment in the email, install anti-virus software and scan your device for viruses that may have been downloaded.

  • Report the incident

    You can report phishing scams and other instances of online fraud to the Canadian Anti-Fraud Centre, or calling 1-888-495-8501. You can also report the incident to your local police department.


You have the power to fight phishing scams!


The best way to protect yourself against phishing attempts is learning how to spot the signs of a scam.

  • Urgent or threatening language

  • Requests for sensitive information

  • Offers that are too good to be true

  • Suspicious attachments and file types

  • Typos, incorrect sender email addresses and links

  • Unprofessional design and incorrect or blurry logos

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: