Scam Message Checker

The first 24 hours after a scam

Once the immediate panic passes, the first 24 hours are about securing your accounts, saving evidence, and reporting. This guide lays out a calm, ordered plan so you cover the important things - money, logins, identity, and reporting - without missing a step.

Quick answer

Once the immediate panic passes, the first 24 hours are about securing your accounts, saving evidence, and reporting. This guide lays out a calm, ordered plan so you cover the important things - money, logins, identity, and reporting - without missing a step.

  • List what was exposed: money, logins, ID, or device access.
  • Prioritise money and email first.
  • Gather screenshots and references before deleting anything.
Most urgent

Do this now

  1. Confirm your bank has secured any affected card or account.
  2. Change passwords and enable app-based 2FA on key accounts.
  3. Save evidence, then report to your national fraud/cybercrime body.

Understanding what happened

Once the immediate shock passes, the first day is about securing what matters in a sensible order: money, then email, then identity, then reporting. Working through it methodically beats scrambling, and most damage from a scam is limited when these are handled within a day.

Think in layers. Money and cards are usually most time-sensitive, so confirm your bank has secured anything affected. Email comes next because it controls password resets for everything else. Then handle identity exposure and any reused passwords.

Evidence is easiest to gather now, while messages, references, and statements are fresh. Keeping a simple timeline of what happened and what you did makes reporting faster and helps if you later need to dispute a charge or prove a loss.

Reporting closes the loop and can unlock help: your bank for payments, and your national fraud or cybercrime body for the scam itself. Keep every reference number, and stay alert for the 'recovery' offers that follow losses - they are scams, not solutions.

First 5 minutes

  1. List what was exposed: money, logins, ID, or device access.
  2. Prioritise money and email first.
  3. Gather screenshots and references before deleting anything.

First 24 hours

  1. Secure email, banking, and any reused-password accounts.
  2. Dispute unauthorised charges and remove unknown payees/rules.
  3. File your report and keep the reference number.

Next 7 days

  1. Monitor statements and account activity daily.
  2. Set up credit monitoring or a fraud alert if ID was exposed.
  3. Watch for recovery-scam follow-ups.

What not to do

  • Do not skip email security - it controls your other resets.
  • Do not pay any 'recovery' fee.
  • Do not delete evidence before reporting.

Evidence to save

  • All screenshots, references, and statements together.
  • A timeline of what happened and what you did.
  • Case/reference numbers.

How to save scam evidence →

How to report

  1. Gather your evidence first (screenshots, dates, amounts, any reference numbers).
  2. Report to your national fraud/cybercrime body and, if money moved, to your bank.
  3. Find the right official links for your country in the reporting directory.

Find official reporting links for your country in the reporting directory.

  • Do not use phone numbers or links from the suspicious message - look up the official ones yourself.
  • Report quickly if money was sent or ID documents were shared; speed improves your options.
  • Keep your evidence - see how to save scam evidence.

Beware 'recovery' offers afterwards: anyone who contacts you promising to get your money back for an upfront fee is running a second scam.

Stop it happening again

After the dust settles, do a quick security review: unique passwords, app-based two-step verification, and transaction alerts on money accounts.

Note what the scam relied on so you recognise the same pattern instantly next time.

Related scam types

Related red flags

Related terms

This is general safety information, not legal, financial, or cybersecurity incident-response advice.

Still have the message?

Check it to understand the red flags and how to report it.

Check a message

Frequently asked questions

What should I secure first?

Money and email. Email controls password resets for everything else, so lock it down early.

Is it too late after a day?

No. Reporting and securing accounts are still valuable. Some payments can still be disputed; identity protections still help.

Get scam safety updates

Practical scam alerts, new examples, and simple safety tips. No spam. No sensitive message data.

We only collect your email address, optional name, consent status, signup page, and signup time. See our privacy policy.