Comments on: New Phishing Campaign Targets LinkedIn Users with Fake Reminders

By: Christina Goggi

Christina Goggi — Mon, 18 Feb 2013 11:22:09 +0000

Hi Deborah, great question! Here’s the rundown of what I like to do:

1. Make sure your antivirus software is completely up to date.
2. Run a complete scan of your system. You may have to dig into the options, as many a/v products default to a quick scan. You want a complete scan.
3. Address any issues that the scan finds.
4. While you are focused on the system, apply any operating system or application updates that it needs. Don’t forget Flash, Adobe Acrobat Reader, etc.
5. Reboot
6. Run another complete scan after the reboot just in case there was something waiting for a restart before it executed.
Hope that helps

By: Deborah Jane

Deborah Jane — Tue, 12 Feb 2013 22:50:25 +0000

This sounds like good advice, but I’m perplexed as to why solutions to problems like this one (and I clicked too; was caught off-guard this time) so often just instruct users to have our support desks or system administrators or information security teams, etc., fix it, as if everybody has those. I’m an at-home computer user who came here seeking help, but I’m my own support desk and security team and everything else. I can’t just deflect this problem. So now what? What are those “appropriate actions” other than running a malware scan?

By: Christina Goggi

Christina Goggi — Fri, 04 Jan 2013 14:10:08 +0000

Then you need to inform your support desk or information security team so that they can run a malware scan, and take any appropriate actions to change credentials if you did more than just click. And they need to understand that people are people, can and will make mistakes, and their job is to tend to the issue, not chastise the user for making a simple and entirely understandable error.

By: Jarek

Jarek — Thu, 03 Jan 2013 14:25:25 +0000

OK, but then what if you mistakenly have clicked on such reminder and opened the website?