Do you know where you’re going online? Or are you just blindly clicking and trusting?

Cyber criminals are generating more and more malicious web addresses in hopes that you’re not paying close attention to what you’re doing online. And so I have to ask—do you look before you click?

Sometimes the incredible amount of email we receive as reporters or social media posts we see are so interesting and enticing—who wouldn’t like a free $200 Amazon gift card, right? But this activity is called phishing; it’s how a cybercriminal tricks you with into becoming their digital puppet!! They offer a link that when clicked takes you to a spoofed or fake website. You think you’re on a trusted site and do what they ask, like entering confidential information about yourself or your colleagues into their online labyrinth of fraud.

How can you avoid such a stark cyber fate?

Check links before you click by hovering your cursor over the link or right-clicking a hyperlink and selecting “Properties” to reveal its true destination.

It’s important to read any URL carefully. Is it spelled correctly? Many times phishers create websites almost identical to the spelling of the site that you’re trying to visit as a way to cause confusion. Ask yourself, does anyone in your newsroom need to visit websites ending in .ru, .kz or .xxx? My guess, probably not. So don’t click.

Common sense is ultimately our best defense as reporters traveling cyberspace. If the email, website or link doesn’t look right—maybe the promises seem incredibly enticing—make a sharp U-turn and get out of the digital neighborhood that you’ve found yourself in.

Let’s say you did it. You clicked on that malicious link that showed up in a search result, a targeted email, a fake website. Now what?

It might seem like you’re crushed but that doesn’t mean you surrender and possibly lose all of your data as a result of a potential infection.

First, disconnect from the Internet immediately and call your IT Help Desk. If you don’t have IT support, close your browser, open it again in a new session and using the history tool clear the cache so you don’t return to that URL again. Then run your antivirus and any additional security programs installed on your device.

Just because you cleared your cache, it’s not over. Don’t fall prey to any data that might have leaked out in those first seconds of the compromise. Monitor your identity, bank accounts, change passwords, and if your device starts “acting funny” go get it checked out by a professional.