In the event that you have given away your account details in response to a phishing attack, and either discovered yourself that your account is compromised or you have been told so by IS, then there are some steps to take in the aftermath :-
- Change your password to one that is long and strong.
- Turn on “two factor” authentication.
- Check the signature set for your account; phishers are known to have set inappropriate signatures to be attached to all outgoing emails. The quick check? Send a quick email to your personal email address and check what the signature says.
- Check the “rules” for incoming email messages to make sure nothing has been added. Phishers have been known to set up new rules to delete all incoming messages.