Help! I think I've been phished!

If you think you've given confidential personal information to a phishing site, then follow these guidelines to help prevent your information from being used illegally by fraudsters. Do not delay — fraudsters can move quickly to take over your account and do substantial damage.

I think my Yahoo! ID was phished!

If you think you entered your Yahoo! ID and password at a phishing site, then follow these steps:

  • Change your Yahoo! password immediately. Here's how:
    1. Type profiles.yahoo.com in your browser's Address bar.
    2. Sign into Yahoo!.
    3. Click on the Account Info tab.
    4. Enter your current password.
    5. On the Account Info page, click the Change Password link near the top of the page and follow the instructions.
  • If your password no longer works, tell us so we can start the account recovery process.
  • On the Account Info page, verify the rest of your account information; be sure any contact phone numbers or secondary email addresses are correct.
  • On the Account Info page, go to "Update password-reset info" and change your questions and answers.
  • Report the phishing email or web site that tricked you!

To help prevent becoming the victim of a Yahoo!-specific phishing scam, create a Yahoo! sign-in seal to personalize your Yahoo! sign-in page. Learn more about sign-in seals.

I think I gave my bank account or credit card information to a phisher!

If you suspect you might have entered any financial information at a phishing site, contact your financial institution immediately!

You may also want to follow the advice from the Federal Trade Commission (FTC) for identity theft victims.