Violated my own rules of email safety. What do I do now?

Factual Questions
1

Last night I tried to buy a one-month-only $5 subscription to a podcast. (I had repeated problems doing this and it did not appear to go through.) After all that trouble and no joy, I wrote to the billing department of the podcast last night advising them of the payment and login problems and asking that they make sure my card wasn’t billed repeatedly, as sometimes happens when things don’t appear to go through.

Today I received a notice about a $69.99 3-month subscription to Spotify. Because I am unclear about exactly what Spotify is, I thought it might be related to my unsuccessful podcast subscription attempt because I tried to submit the form three times. (and thus had been worried I may have accidentally bought three one-month subscriptions. Although the podcast homepage never did let me sign in.)

So, long story short, I clicked a link in an attachment, which I know very well not to do. (“Cancel subscription.” x3) Dammit.

Of course, the letter was an extremely coincidental phishing attempt, in terms of both timing and content. But I have already clicked the link. So what do I do?

2

Did you enter any information on the page that the link took you to?
If not, forget about it.

3

What beowulff said. Although I’m sure there are exceptions, simply clicking on the link is not likely to do any harm. They’re trying to get you to enter usernames, passwords, and payment info on the destination page. If you didn’t do that, you should be fine.

4

Chrome automatically enters a lot of common information (my name, address, etc.) on many websites when I go to them. Including websites that I have never been at before.

I don’t think it does it with credit card numbers, though. But dDoes that pose any kind of a risk?

5

I don’t use Chrome very often, but I’ve never seen an auto-fill feature that didn’t require at least clicking in a fill-in field first.

6

Auto-fill waits for you to click “OK” or press “Enter” before it sends anything.

7

And they don’t autofill credit card numbers, for precisely this reason.

8

To be more accurate, it requires user interaction to confirm that the auto-fill was intended.

This wasn’t always the case, and was brought up as a security problem. There’s nothing that prevents a site from reading the contents of a form without user-interaction. If there was, then those search boxes that start searching instantly wouldn’t work.

As far as I know, the solution was to require users to specifically choose to autofill. You click inside an element, and there will be a popup asking if you would like to autofill.

That is the behavior I see in Chrome. Never have I ever seen it autofill without my first clicking the menu item “Auto fill with [some info]”.