Let’s Talk About Spam – What to Do when You’ve Done the Unthinkable
Written by Casper Manes on July 3, 2012
We’ve been talking about spam on a strictly non-technical, friends and family level for the past several weeks, in an attempt to either provide you with a way to discuss spam with those who have a need to know but not necessarily a technical inclination, or just as likely, to give you a series you could link to when your Uncle Bob asks you a question you don’t want to answer. In this post, we’re going to provide a list of things to do in case someone has done the unthinkable – they’ve clicked a link, found their machine to be infected, submitted personal information to a form, provided their username and password to a phishing site, or forwarded a chain mail.
You’ve clicked a link
You got an email, you thought it seemed kind of strange, but you saw no harm so you clicked your mouse. Something flashed on your screen, your antivirus software threw up a warning, and now you are in a panic. What do you do?
First, don’t panic. It’s not (necessarily) the end of the world, yet. Close all your running applications, and then launch your antivirus software. Run a full scan of your machine, setting the options to scan everything that you can. This could take hours to run, but let it run to completion. If you do find a virus, read more about what to do below.
Check your browser to be sure nothing has been added to it. Here are links to how to do that for some of the more popular browsers.
- IE9: http://windows.microsoft.com/is-IS/windows7/How-to-manage-add-ons-in-Internet-Explorer-9
- IE8 & 7: http://windows.microsoft.com/en-us/windows-vista/internet-explorer-add-ons-frequently-asked-questions
- Chrome: http://support.google.com/chrome/bin/answer.py?hl=en&answer=187443
- Firefox: http://www.dedoimedo.com/computers/firefox_addons.html
- Safari: http://macs.about.com/od/usingyourmac/qt/safariplugin.htm
You found a virus
You’ve run the scan, and it found a virus. Review the results, delete any files in quarantine, and then run the scan again to be sure. Many IT professionals (myself included) will format a machine and reinstall everything from scratch, rather than deal with an operating system that has been infected, but this is often an overreaction, and remember, we’re IT pros, so rebuilding a machine from scratch is what we do for fun. Yeah, we do really need to get out more, don’t we?
Of course, if you haven’t kept your antivirus software up to date, things just got a whole lot worse. You can use one of the antivirus scanners you can find online, but an ounce of prevention is worth a pound of cure, and if you’d kept your antivirus software up to date, you might have been fine. Once you get this squared away, make a good backup of all your critical data, and keep that up to date. That way, if you do get hit again, you at least have your critical data safely stored away. I use Dropbox, an online storage system. If you’d like to get a free 2GB account with an extra 250MB of space, you can use this referral link http://db.tt/W5FMJvy. That gets me some added space too.
You entered NPI (nonpublic personal information) into a form that later turned out to be bogus
Try to recall what information you provided. If it was just your contact details, you may have to do nothing more than start screening your calls and dealing with more spam in your inbox. However, if there was more sensitive information involved, you will want to contact your bank, credit card companies, etc. and set up a fraud watch on your account. In the US, you should also notify the major credit bureaus to flag your account so that if someone tries to open credit in your name, they can flag that. See this site for more information on how to do this. http://www.fightidentitytheft.com/flag.html
You’ve given up your credentials
Immediately contact the security team or admin of whatever system is involved and let them know what happened. It’s simple. “Hi, I think I was just victimized by a phishing attack, and may have given out my credentials to what I thought at the time was a legitimate request.” They can immediately take steps to prevent further damage, and will help you to reset your account.
Trust me, they will be much happier that you notified them immediately. People make mistakes, and it’s how we deal with them that counts. Security professionals will not yell at you or curse you for a fool; they will thank you for responsible reporting.
You CC’d hundreds of unrelated individuals when you should have used BCC
This could get ugly. People can get really upset when they see themselves copied on an email with dozens or even hundreds of others that they don’t know, because this frequently leads to a spike in spam. The odds that at least one person on the recipient list has a virus that is harvesting email addresses from their mail are pretty good, and you just fed that bug everyone else’s email address.
Apologise by sending a BCC email to all, set up a blind Distribution List to use going forward, and grow some thicker skin. It’s likely you will get some scathing replies, but at the end of the day, learn from the mistake and do better next time. That’s really all anyone can ask.
You forwarded a chain mail
Okay, for this the response is a bit more radical. Go to the chalkboard, and write out 1000 times “I will not forward chain mails without using BCC.” Really, that is all there is to that. Delete all the paragraphs of email addresses from the body, only put your friends and family into BCC, and then, if you are absolutely certain each and every one of them will think this is a LOL, send it. But if you are not sure they’d love that sort of thing, skip this one.
Just remember, accidents happen, and we’ve all learned from our mistakes. The trick when making a mistake is to not make the same one twice. We’re all human, and next time, you’ll know better. After all, Bob’s your uncle, right?