Potential Virus/Spam Email
Date Created: 12/10/2018
Author: Philippa Lock
Contents: How to deal with a potential virus call
If someone logs a call or rings in to say that they think they have a potential virus sent in a email, depending on what they have done with the email will depend how you process the call. The two options are:
- Received an email that looks 'dodgy' but has not done anything with it
- Opened an attachment or clicked a link that on reflection looks like it could be a bit 'dodgy'
Received an email but have not done anything with it
If someone has received an email and think that it looks like spam or a virus and want to know what IT thinks then please follow the below steps:
- Make sure the call is logged
- Ask if this is an email from a known contact or candidate
- Ask if this is an email that they were expecting to receive
- If a known contact, is the email address compatible with the one we normally correspond with and possibly to contact the person in another way to confirm they sent the email
- If this is not a known contact, then we would recommend that they ignore the email, do not open it or click on anything and just delete
Received an email and Opened the attachment or clicked on link
If someone contacts IT to say that they think they have opened or clicked on a compromised email then you would need to do the following:
- If they have called in, raise a call on the portal on their behalf
- Ask if they can forward the email to yourself
- Ask if they have clicked a link or enabled macros on an attachment
- Flag immediately with TDAC or Dev Ops
When dealing with virus or potential virus calls we need to get all of the information as quickly as possible, if someone has logged a call on behalf of someone else, make sure you speak to the person immediately where you can.