Someone clicked. Here is what to do.

A free single-page response guide you can print and pin by the desk, with calm, numbered steps for the first ten minutes after an employee clicks a phishing link.

A free printable one-pager for when an employee clicks a phishing link. Calm, numbered first-ten-minute steps, what not to do, and when to call your MSP.

First 10 min
the steps that limit the damage
1 page
print, pin, and act fast
$0
free, printable, yours to keep

What you'll get

A practical, ready-to-use resource you fill in with your own numbers and keep. No expiring trial, no strings.

Employee Clicked a Phishing Link: Do This Now
PDF guide, yours to keep
Preview

What the Phishing Response One-Pager does

The moment someone realizes they clicked a bad link, the natural reactions are the wrong ones: power off the computer, delete the email, or say nothing and hope. Each of those can make the situation worse or destroy the trail your IT provider needs. What actually helps is a short, calm sequence done in the first few minutes, by whoever is sitting there.

This one-pager is that sequence on a single printable page. Pin it by the desk or keep it in the staff handbook, so when it happens, the person who clicked knows exactly what to do first instead of freezing.

Move fast, in order

Numbered first-ten-minute steps: disconnect the device, do not power it off, change passwords from a clean device, confirm MFA, and notify your IT provider. No panic, just sequence.

Avoid the common mistakes

A clear 'what NOT to do' section, because the instinct to wipe the machine or hide the mistake usually makes things worse and destroys the evidence you may need.

Works after hours too

An after-hours version covers what to do when it happens at 9 p.m. and the office is empty, so a weekend click does not turn into a Monday disaster.

Anyone can follow it

Written for the person who clicked, not for IT. Print it, pin it by the desk, and the steps are clear enough that staff can start the right actions before help arrives.

What is inside the one-pager

  • Numbered first-ten-minute steps: disconnect from the network, do not power the device off, change passwords from a clean device, enable or confirm MFA, notify your IT provider, and preserve the evidence
  • An after-hours version for when it happens outside business hours
  • A short “what NOT to do” list
  • Clear guidance on when to call your IT provider and your insurer
  • A clean black-and-white layout so it prints anywhere

A click is not a catastrophe if you act fast

Most clicks can be contained when the first few minutes are handled calmly and correctly. Print this, share it with your team, and make sure people know they will not be in trouble for reporting it quickly.

Want to reduce the odds in the first place?

A response plan is the safety net. To cut how often you need it, our article on how to prevent ransomware without a full IT team covers the everyday controls that stop most attacks, and our cybersecurity guide explains how the People+ approach keeps a human watching.

How it works

1

Tell us where to send it

Fill in the short form. Just enough so we know who we're helping and can tailor any follow-up, only if you want it.

2

Check your inbox

We email your copy right away, and the download is yours to keep. No expiring trial, no login.

3

Put it to work

Use it on your own, or ask us for a second set of eyes. No pressure either way.

We do not sell your information

You get the file and an email copy for later. That is it. No third-party sharing, ever.

Real local humans built this

Vicinity is a genuinely local IT provider with people in Alaska and Hawaii. These are the steps we walk clients through when it happens.

No sales theater

The one-pager is a working tool, not a brochure. Use it whether or not we ever talk.