312-50V10 · Question #717
When you return to your desk after a lunch break, you notice a strange email in your inbox. The sender is someone you did business with recently, but the subject line has strange characters in it. Wha
The correct answer is A. Forward the message to your company's security response team and permanently delete the. A suspicious email with strange characters from a known sender should be reported to the security response team and permanently deleted, not replied to or ignored.
Question
When you return to your desk after a lunch break, you notice a strange email in your inbox. The sender is someone you did business with recently, but the subject line has strange characters in it. What should you do?
Options
- AForward the message to your company's security response team and permanently delete the
- BReply to the sender and ask them for more information about the message contents.
- CDelete the email and pretend nothing happened.
- DForward the message to your supervisor and ask for her opinion on how to handle the situation.
How the community answered
(19 responses)- A89% (17)
- C5% (1)
- D5% (1)
Why each option
A suspicious email with strange characters from a known sender should be reported to the security response team and permanently deleted, not replied to or ignored.
Forwarding the suspicious email to the security response team ensures trained professionals can analyze it for phishing, malware, or social engineering without putting the organization at further risk. Permanently deleting it afterward prevents accidental interaction while maintaining the security team's copy for investigation.
Replying to the sender could confirm your email address as active to an attacker, trigger a malicious auto-response, or further expose you to a social engineering attempt.
Deleting the email without reporting it deprives the security team of a potentially important threat indicator and violates standard incident reporting procedures.
A supervisor is not the appropriate first contact for a potential security incident - the security response team has the tools and authority to properly investigate and contain a threat.
Concept tested: Phishing email incident response procedure
Source: https://www.cisa.gov/secure-our-world/recognize-and-report-phishing
Topics
Community Discussion
No community discussion yet for this question.