The best countermeasure to social engineering is user awareness training. If users understand the importance of security and the restrictions on types of information, they are less likely to reveal confidential information or perform unauthorized activities at the prompting of a stranger or a claimed identity over the phone.

Hoax virus information emails are a form of social engineering attack. This type of attack preys on email recipients who are fearful and will believe most information if it is presented in a professional manner. All too often, the victims of these attacks fail to double check the information or instructions with a reputable third-party anti-virus software vendor before implementing the recommendations. Usually these hoax messages instruct the reader to delete key system files or download Trojan horses. Social engineering relies on the trusting nature of individuals to take an action or allow unauthorized action.

Mark should delete the email without opening the attachment. There are a variety of spelling errors, which wouldn't likely happen if the email were from a real software company. The attachment almost certainly contains malware that would install on Mark's system if he opened it. He should not forward or reply to the email.

A Man-in-the-Middle attack is a technological attack where a malicious person intercepts network communications between two hosts, posing as the sender to the receiver and as the receiver to the sender.

Convincing an employee to reveal his logon credentials over the phone is an example of a social engineering attack. Constructing an IP packet which is larger than the valid size is a form of denial-of-service attack. Planting malicious code on a system where it waits for a triggering event before activating is a logic bomb.

Critical systems such as database servers and web servers need to be equipped with a UPS, or uninterruptible power supply. These devices provide a temporary power source during an outage that gives the system enough time to shut down cleanly without data loss or corruption.

Data redundancy is a method of increasing fault tolerance by storing data in a way that ensures that the data is recoverable in case of hardware failures. RAID arrays and replication are two data redundancy strategies.

A denial-of-service attack attempts to overload a system so that the services it provides are no longer available to legitimate network clients.

Wiretapping is a form of eavesdropping that uses programs such as packet sniffers to capture data being transmitted over a network.

Devices that are infected with malware that can be remotely controlled by an attacker are known as zombies. A collection of these zombies that are controlled by the same attacker are known as a botnet (robot network).

Phishing is an attempt to trick a user into compromising personal information or downloading malware. Most often it involves an email containing a malicious attachment or hyperlink.

A man-in-the-middle (MITM) attack intercepts communications between two systems and alters the message before sending it on to the original recipient.

Spoofing is when an entity misrepresents itself by using a fake IP address or, more commonly, a fake email address that resembles a real address. The person being spoofed may not immediately discover that the address is fake.

You have already identified the issue, so the next step is to take actions to stop the attack and contain the damage. Although it is important to preserve as much information as possible to assist in later investigations, it might be better to stop the attack, even if doing so alerts the attacker or results in the loss of evidence regarding the attack.