Deal with web browser attacks
This is what happens when we detect a web browser threat.
When an attack is detected:
- Intercept X warns the user to close the browser.
- A Sophos Clean scan starts.
- A threat graph is generated.
What you should do
You should do as follows:
- Use the threat graph to identify the IP and URL connection associated with the attack.
- Decide whether to block that location in the corporate firewall. (If the attack wasn't detected by your web protection, it isn't classified as malicious.)
- If the user entered a password, tell them to change it.
- If the user was contacting their bank, tell them to check there's been no unusual activity on their account.