Archive: Phishing & Spam Handling Procedures

Budget $250 per month
Posted: 5 years ago
Closed
Description
I want to develop phishing and spam cybersecurity procedures. I have the steps but would like to develop them into a process/procedure so that any cybersecurity analyst in my company can follow it. I will also need a cover page, table of contents, purpose, scope, appendixes, and tools used. If there is an opportunity for a table, diagram, flowchart, etc., please add it to the procedures.

The cybersecurity tools used are: SIEM, SonicWall GMS (to look at the network traffic), McAfee Antivirus, Office365 Message Trace (IT Operations), and the Remedy Helpdesk ticketing system.

ANY email that you believe is suspicious and could be phishing or spam should be forwarded to the Help Desk at [email protected]. This is important because the Cybersecurity Team has a process for all suspicious emails sent to the Help Desk to include forwarding the email to the US-CERT.

The Cybersecurity Team will also accomplish the following steps:
1. Open a ticket for the user in the Remedy help desk ticketing system.
2. Ensure the user did not open any attachments or click on any links in the suspicious email. You can relay in the forwarded email that you have not opened attachments or clicked on links.
3. If the user has opened an attachment or clicked on a link, we immediately scan the user's computer for a virus or malware. We simultaneously check the Cyber logs (Firewall and SIEM) to ensure the user's computer is not attempting to connect to any unusual web addresses.
4. If a suspicious file is found during the scan from Step 2, we will open a new ticket to track the subsequent activities related to removing the offending file.
5. We request a message trace on the sending email address from the IT Operations team to ensure no other ABC COMPANY employee received the email.
6. If another ABC COMPANY employee is found to have received the email, we reach out to the employee(s) to have them remove the email from their inbox and to ensure they did not open any attachment or click on a link. We follow Step 3 if they did open an attachment or click on a link.
7. If the email is found to be phishing or spam, we request that IT Operations add the sending email address to the filters on our email servers so no additional emails are received.
8. If the user confirms in the original ticket or forwarded email that they did not open an attachment or click on a link, we will reply to them with a thank you email and proceed to Step 4.
9. We report any/all phishing emails by forwarding them to the US-CERT phishing email address.
10. After all of the above are completed, we close the original ticket.

This is just one of the ways the Cybersecurity and IT Operations Teams are working to keep us safe from malicious threats and we appreciate your help and support! Below are some definitions as a refresher.

Phishing Definition:
Phishing is an attempt by an individual or group to solicit personal information from unsuspecting users by employing social engineering techniques. Phishing emails are crafted to appear as if they have been sent from a legitimate organization or known individual. These emails often attempt to entice users to click on a link that will take the user to a fraudulent website that appears legitimate. The user then may be asked to provide personal information, such as account usernames and passwords, that can further expose them to future compromises. Additionally, these fraudulent websites may contain malicious code.

Spam Definition:
Spam is unsolicited, usually commercial messages (such as e-mails, text messages, or Internet postings) sent to a large number of recipients or posted in a large number of places.

Working conditions:
Fixed Price
Under $250
W9 Required for U.S.
Skills:
critical incident response, cyber defense, IT security operations, technical writing, cybersecurity, incident management, cyber security, operating procedures