If you have responded to a phishing scam, there are a few very important steps to take to ensure that your accounts are protected.
Change your password
If you responded to a phishing scam which asked you to confirm account information by sending a username and password, change that password immediately.
Additionally, if you use that password anywhere else, you should change that password wherever you've used it.
Contact Credit Bureaus
If you responded to a phishing scam which asked you to confirm your identity with personal information such as phone number, social security, or address information, you should contact the credit reporting bureaus, and your banks, immediately. They are able to put monitoring in place to prevent against fraud and protect in you in the event that fraud is attempted.
It is always a good idea to report the fraud to the service upon which you received it. If you received a scam at SU, forward the message you received to firstname.lastname@example.org so that it can be handled by SU's IT Security team.