Guidelines for Handling Abnormal Situations

Email Notification

Sends an email to the user informing them of any suspicious login attempts. This email may include information such as the time of the login attempt, the location, and the device used.

Mobile Notification

In addition to emails, users can be notified of unusual login attempts through SMS, app push notifications, or other mobile notification methods.

Account Lockout

In cases deemed as serious threats, the user’s account can be locked to prevent unauthorized login until the user recovers their account, thereby preventing further illegal access.

Password Reset Requirement

Users may be prompted to change their passwords, ensuring the secure alteration of potentially compromised passwords by hackers.

Two-Factor Authentication (2FA) Requirement:

Upon detecting suspicious login attempts, users may be required to undergo two-factor authentication, such as receiving a code on their mobile device. This helps prevent unauthorized access by individuals who are not the actual user.

User Education

Provides users with information on secure login practices and methods to avoid phishing attacks, helping users protect their accounts.

Reporting Anomalies to the Cybersecurity Team

Reports suspicious login attempts to the organization’s cybersecurity team, enabling early detection and response to broader security threats.

Anomaly Patterns