Information Security Incidents must be reported to the Information Security team immediately.
If a phone call is not possible, then a text message, chat session, or email must be used with an acknowledgement from the InfoSec team that they received the incident report.
An Urgent status Incident should be opened and assigned to the IT Security & Compiance agent group.
Keep the user engaged until InfoSec has replied and given instructions of next steps. Advise the user to NOT click on any hyper links or open any attachments.
Get screen shots if poosible and insert them in the ticket.
Refer to the attached policy for the complete process and Incident types.