Lesson Progress
0% Complete

Respond
Notify legal counsel of any illegal or inappropriate activity
Notify constituents (status update)
Notify law enforcement
Take steps to limit propagation or execution of the phishing attacks
Notify the owner(s) of any systems being used in the phishing attack
File a false Whois complaint with ICANN
Remove temporary containment measures
Notify computer security organizations and resources
Report suspicious activity to the FTC
Notify HR
Provide end-user remediation guidance for phishing and identify theft
Notify public relations department

Post-Incident
Notify internal management chain (resolution)
Notify constituents (resolution)
Properly dispose of incident information
Post-incident review
Generate incident report
Update policies and procedures

Complete

Initial

Custom