STOP, LOOK and THINK! Before you click on any link in an email or open an attachment!

 Oh No! I CLICKED ON IT! Now what? First, DO NOT PANIC!

It is not a good idea to panic in a case where you may have inadvertently or unknowingly clicked on an attachment or link in a suspect email. Everyone has fallen for one scam or another at some time. It is human nature and that is what the bad guys use against us. Or try to, anyways. But we know better.

Bioventus has some of the best users when it comes to caring about the security and protecting all of our assets. So when the time comes that you click, don’t panic. Let’s deal with this in a sensible manner.

First, let’s look at what you may have done. An email arrives, and it is malicious. Sometimes the red flags are so hard to see, because the sender is extremely smart and very good at what he does. Let us say you clicked on a link in the email and it opens a web site. Is that bad? Not necessarily, but it could be. Is there a place asking for credentials? Well, that is a sure sign that it is malicious. As we all know, we use Okta for our approved sites. So, if it is business related then it should be in Okta. So that is one potential.

What do you do next? If all you did was click the link and did not enter your credentials, then close the page and report the email to the security team. The simplest way to do this is to use the Phish Alert Button in the Outlook toolbar. If you do not have this, then forward the email as an attachment to [email protected]

You can delete the email. There is no need to report the same email if it comes in more than once, just delete the duplicates. Please also understand that this is not a magic tool that will block all those emails in the future. This is a mechanism to report potential malicious emails that are an attack against Bioventus so that they can be investigated. This is not a mechanism for reporting Junk or Spam. Yes, those are completely separate items from Phishing. Only Phishing is malicious and only Phishing should be reported. Sales call emails, marketing emails, contact lists for sale, etc. These are annoying, but not malicious and do not need to be reported.

Another situation is that you received the email and clicked the link and entered in some Bioventus credentials, what do you do in that case? Still, do not panic. Contact the helpdesk immediately and let them know. Expect to have your password changed, your system scanned and for the security team to be alerted so that they can be on the lookout for attempts to use the credentials you entered.

Report the email with the Phish Alert Button or forward as attachment to spamabioventus.com

Another situation is that you opened an attachment in a malicious email. Again, without panicking, contact the helpdesk. Let them know. Report the email with the Phish Alert Button or forward as attachment to [email protected]

Key Points to Remember:

  • Do not panic
  • Contact the Helpdesk
  • Report the email

Remember, you are the last line of defense against these emails. When in doubt, verify with the sender or report to [email protected] for verification.

It is up to you to – STOP, LOOK and THINK!