[RKDinOKC]

Example of people mentioned above and hiring people not capable of doing their jobs.

One of the security staff, in fact the head of security got his computer hacked this morning. He received an email earlier this morning that was a successful phishing attempt. It told him his email account was going to be closed unless he clicked on a link and verified his password.

He called me after the 3rd email to ask me what was going on after entering his login and password information according to the instructions in the two previous emails. Told him he had fallen for a phishing attempt and to shut down his computer immediately. That I would disable his account and would send someone from IT to scan it for viruses and malicious software.

He told me he was too busy to shut down his computer and wait for someone to scan it. I asked him if it seemed like it had gotten slower this morning and he said yes it had. Since he was refusing to shut down his obviously infected computer I immediately logged in and disabled his account, then looked up his computer, logged into it, and shut it down. He got pissed.

While listening to him rant messaged the IT director and my Boss telling them what was going on and they immediately sent someone to disconnect his computer from the network and scan it.

I politely told him that those were phishing emails and had likely loaded malware onto his computer when he clicked those links and entered his information. Then tried to describe the things he should look for as clues that he is being phished like return address, the address the link goes to etc. When he cut me off, told me he didn't need to be told that, he just needed it fixed and hung up.

Messaged my bosses to let them know what was going on and the Director messaged back that he was on the phone with the irate security manager right now.

In a few minutes a PC tech messaged that he had found a keystroke logger that was filling his hard drive recording everything done on the computer, and another malware that was in the process of taking over the computer in the background. Luckily there wasn't anything trying to spread across the network, yet anyway.

After they got the guy back up and running the IT Director called me and asked what I said and did. Told him and was told it didn't sound like I did or said anything that would have gotten the guy so angry and that is was a good thing I shut his computer down when I did because I stopped the malware before it got to the point of spreading across the network. Told him the guy probably got upset that he fell for the phishing attempts, especially since he was head of security.

Called the guy and appologized for shutting his computer down and told him we were able to stop the malware from spreading to other computers in the company. And sorry for any any inconvenience. Did NOT mention he needed be more careful before clicking links and entering his information.