Deal with web browser attacks

This is what happens when we detect a web browser threat.

When an attack is detected:

  • Intercept X warns the user to close the browser.
  • A Sophos Clean scan starts.
  • A threat case is generated.

What you should do

You should do as follows:

  • Use the threat case to identify the IP and URL connection associated with the attack.
  • Decide whether to block that location in the corporate firewall. (If the attack wasn't detected by your web protection, it isn't classified as malicious.)
  • If the user entered a password, tell them to change it.
  • If the user was contacting their bank, tell them to check there's been no unusual activity on their account.