Procedures for NOVA Employees Who Respond to Spam Email
NOVA requires annual MOAT training to raise awareness of the importance of system security and to inform users about spam and phishing e-mail. In addition, Security Tips are published and reminder emails are distributed periodically to prepare individuals to recognize and to avoid malicious e-mail. Despite this effort, users periodically respond to these messages or click on links with undesirable results.
ITSS has developed the following procedure to address instances when users reply to Spam/Phishing email.
NVCC account is disabled and text is added to the note field to document spam event, date, and number.
Password is reset.
Computer is scanned for malware by campus IT.
MOAT account is reset and user completes recertification.
Supervisor is informed and asked to approve account re-issue.
ISO is notified when a user replies to malicious e-mail on third and subsequent events.
Users with ongoing spam issues will be reported to Human Resources for possible disciplinary action.