One of my users in our network received an e-mail. After opening the e-mail, he was bombarded by a multitude of
pop-up windows. I have deleted all the cookies and temp files as well as all offline content from his system, yet he is still receiving these pop-ups. How can I get rid of this? I have even loaded a pop-up stopper on his PC with no such luck. Please help. Sorry to hear about your user and the pop-up windows bombardment. No doubt, this can be both frustrating and an embarrassing situation.
First, begin by identifying the domain or IP address of the source of your email, then set up a filter in your mail server to block SMTP traffic from the source to your entire network and customers. A quick look at the Message Source in the Details tab of File|Properties of the email (e.g., in Outlook) will display the Return-Path, IP address (Received:from), and ESMTP/SMTP ID of the source of e-mail - information that you will need later to track the message in your firewall and mail server.
Second, check your firewall and mail server logs to determine the extent of bombardment to other customers and users in your company. Run a search of the above domain(s) and IP address(es) and try to find a pattern; for example, try to isolate when pop-ups first occurred and the IP address of host on your network visiting the domain the pop-ups are generated from. Notify the sender's ISP and report the incident. Provide them with the above information. While you're at it, find out what your ISP's Internet Abuse Policy/Program offer for assistance.
Third, find out if your firewall offers anti-SPAM features and supports a filter (similar to filter on your mail server). Next, configure a filter on your firewall. Consider configuring an Access Control List (ACL) on your border router and filtering IP address or network to stop pop-ups in your perimeter router.
Fourth, update your anti-virus engine and signature file and launch a full scan on the affected host(s) then notify your Anti-virus company to make sure that the host(s) doesn't have a Trojan horse.
Finally, recommend that a formal e-mail be sent to inform other internal users of pop-ups and to report to Operations/IT Department any spams, pop-ups, suspicious behaviors with email client, browser, etc? This is also a good time to review your company's corporate security policy and, depending on your role, inform and educate users not to open emails from unknown senders. When in doubt, users should contact their IT Manager.
Dig deeper on Network Administration
Related Q&A from Retired Expert - Luis Medina
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.