Mirum Pharmaceuticals

Phish Reporting/Spam Reporting     

Audience – Tier 1, Tier 2

Description:

            This guide explains the process for how to handle suspected phishing emails and spam.

Procedure:

You are not trained in Cybersecurity, if you receive a ticket asking if something is Phishing or Spam you are NOT to tell them yes or no. You are to advise them that they should do two things if they believe something is phishing. 1st is to reach out to the supposed sender via a new email/teams chat and confirm whether the email was from them or not; do NOT reply to the existing email. 2nd use the phish report button to alert the appropriate parties. 

 The same goes for SPAM; EXCEPT you will advise them that if they believe an email to be spam, to use the block sender/mark as junk option while right-clicking the email in the message list.

Phishing- Mirum uses KnowBe4

1. Find out if the user is using OWA (Outlook on the web) or the desktop app
   1. If it’s OWA, when they open the email towards the right hand corner at the top will be a white envelope with an orange fish hook in it, advise the user to click that and then to click the large blue Phish Alert button in the lower right.
       

 Spam-

1. Advise the user to open the message in Outlook
2. In the toolbar at the top of the screen at the very left corner will be the “junk” button, click that and choose “block sender”
3. If using OWA you can click the 3 dots near the top right corner of the window, and click “Report Junk” (preferred method) or Block 

\

Escalation:

If an escalation is necessary, please escalate to Tier 2 as the first POC, if Tier 2 is unavailable please escalate to SME.