GoFuckYourself.com - Adult Webmaster Forum - View Single Post

ASACP Tim · 07-17-2009, 12:18 PM

Thanks everyone for the support we all very much appreciate it!

PSD CSS XHTML, yes it really is daunting when something like this happens and you have to remember that only a portion of the people who receive the emails write in to ask for an explanation. We have set operating procedures for this kind of thing and one of the goals is to do everything we can to get the word out to those people who received the email. One of those steps is to reply to each and every one of those that contact us if at all possible. This obviously depends on the volume of email we receive but we do our absolute best to get back to everyone eventually. We also put a notice on our home page and reporting page as well as a press release.

I'm happy to share our procedures for this here if it can help any of you out in the future if you get hit with something.

In the event of an attack the following procedures need to be implemented as soon as is practical and possible.

Once the attack is discovered try to detail all aspects of the attack for site notice, press release and FBI. What is the nature and purpose(s) of the attack? How large is the attack?

Depending on the nature of the attack contact hosting provider for support/technical information.

Post notice to the site explaining that this is an attack. This notice should remain in place for a minimum of 5 days after the attack ends.

Write press release detailing the specifics of the attack. Post to site and send to members and trade publications.

Monitor industry boards for posts regarding the attack and respond as necessary. Length of time to monitor boards depends on the severity of the attack.

Respond to all email inquiries in the order they were received, in as timely a fashion as possible. (depending on the volume this may be virtually impossible but it is important to respond to as many as is practicle/possible)

Contact FBI Cyber Crime Unit.

Report to Internet Crime Complaint Center http://www.ic3.gov/ (IC3) .

Report to the FTC [email protected]

Check the Blacklists.

Notes: There may be other secondary procedures depending on the nature and purpose(s) of the attack that would be prudent to follow up on. Examples may include; virus attachments and phishing email. Please see http://www.fbi.gov/cyberinvest/escams.htm

07-17-2009, 12:18 PM
ASACP Tim Confirmed User Join Date: Jan 2003 Posts: 140	Thanks everyone for the support we all very much appreciate it! PSD CSS XHTML, yes it really is daunting when something like this happens and you have to remember that only a portion of the people who receive the emails write in to ask for an explanation. We have set operating procedures for this kind of thing and one of the goals is to do everything we can to get the word out to those people who received the email. One of those steps is to reply to each and every one of those that contact us if at all possible. This obviously depends on the volume of email we receive but we do our absolute best to get back to everyone eventually. We also put a notice on our home page and reporting page as well as a press release. I'm happy to share our procedures for this here if it can help any of you out in the future if you get hit with something. In the event of an attack the following procedures need to be implemented as soon as is practical and possible. Once the attack is discovered try to detail all aspects of the attack for site notice, press release and FBI. What is the nature and purpose(s) of the attack? How large is the attack? Depending on the nature of the attack contact hosting provider for support/technical information. Post notice to the site explaining that this is an attack. This notice should remain in place for a minimum of 5 days after the attack ends. Write press release detailing the specifics of the attack. Post to site and send to members and trade publications. Monitor industry boards for posts regarding the attack and respond as necessary. Length of time to monitor boards depends on the severity of the attack. Respond to all email inquiries in the order they were received, in as timely a fashion as possible. (depending on the volume this may be virtually impossible but it is important to respond to as many as is practicle/possible) Contact FBI Cyber Crime Unit. Report to Internet Crime Complaint Center http://www.ic3.gov/ (IC3) . Report to the FTC [email protected] Check the Blacklists. Notes: There may be other secondary procedures depending on the nature and purpose(s) of the attack that would be prudent to follow up on. Examples may include; virus attachments and phishing email. Please see http://www.fbi.gov/cyberinvest/escams.htm __________________ http://www.asacp.org http://www.rtalabel.org Check out our PSA's Are you labeled? Protecting your business by protecting children [email protected] ICQ 1-173-410 Add me at XBiz.net Add me at AdultWhosWho