Support Procedure

Print this Page	self-service support	4.3 Fulfilment 08. Support Procedure	fulfilment manager	Close this Page

4.3.02. Support Procedure:

1. Self-service support procedures are designed to eliminate delays between approved people and the Request Fulfilment Managers support team. Where obsolete telephone, fax, text or email communications are used by approved people, then this "Phishing Message" procedure is deployed. An objective is to ensure that the communication is not a phishing attack and that safe and secure methods of work are deployed as soon as possible. Criminals use email tools where the "from" name and address are just other data entry fields without any validation or significance.

2. From a security point of view, every communication that does not originate from an approved person using a bespoke application service must be classified as a phishing attack until it can be proven otherwise. It can be assumed that criminals have a copy of every email ever sent and can replicate any email as a new phishing attack at any time. Only after an approved person has correctly sign-in to a bespoke application service can the communication be verified.

2. Obsolete Communication Procedure:

1. Identify the name of the approved person and their branch.

2. Select the applicable branch welcome page.

3. Select the support dashboard page 2201.

4. Select the support request list page 2212.

5. Click the "new" button to show the add new support request page 2211.

6. Copy the subject from the email to the "subject" field.

7. Select the "application" from the drop down list by guessing.

8. Select the "reason" from the drop down list as "Phishing Message".

9. Copy the message from the email to the "request" field area and upload any attachment.

10. As an alternative, print the email as a PDF image or save as a PNG image and upload that image as an attachment.

11. Select the approved persons name from the "On Behalf Of" drop down list.

12. Click "refresh" on the top menu bar.

13. Enter a reply message as "please verify this support request".

14. Click the "send reply" button - an email is sent to the On-Behalf-Of person so they can verify this is not a phishing attack.

3. What Happens Next:

1. The instant that the "new" button is pressed in step 5 above, the Request Fulfilment Manager is informed and is monitoring the support request in real-time. The support request is actively monitored until closed.

2. As soon as the "send reply" button is pressed, the Request Fulfilment Managers support team will click the "mail" button on the top menu to track and tract the email. When the On-Behalf-Of person clicks to view the support request, then the support message is reclassified as not phishing and can be investigated. If the On-Behalf-Of person ignores the email or opts-out of the subscription, then the support request is closed with no futher action.

4. Professionalism:

1. It is mandatory that the ASP provide a proven example of how businesses must professionally communicate in full compliance with UK laws. Just because others continue to use obsolete methods of working is a perfest reason for the ASP to demonstrate professionalism by only using encrypted communication without telephone or public email.

2. Where a normal business email is blocked by a person, then the bespoke application service shall forward, escalate and reroute an email envelope until it reaches its target person. If the person continues to block all kinds of emails, then they may sign-in and access any support request directly - email is optional.

Document Control:

1. Document Title: Support Procedure.

2. Reference: 164308.

3. Keywords: Phishing Message Support Procedure.

4. Description: Phishing Message Support Procedure.

5. Privacy: Public education service as a benefit to humanity.

6. Issued: 13 Feb 2017.

7. Edition: 2.2.