I just experienced my first full-blown malware incident as an IT person
TL;DR: For all the IT focused people out there, make sure you get your Security+ or have comparable knowledge about cybersecurity! It can be very important, and saved my butt when my first malware related ticket popped up out of nowhere.
EDIT 1: The higher level security guys at our company said that it was likley a scareware attack/piece of malware, plus whatever the fishy "security" software the sysadmin and I found after the reboot could have done. Reimaging it is!
The malware infected computer isn't mine thankfully (Im an IT Desktop Support tech), but one of our users. We (Sysadmin and I) think (so far) that the user typed the wrong URL or made some kind of typo in the URL that redirected them to a phishing page that enabled the malware download. They then had one of their monitors hijacked by a malware program which flashed lights and sirens, with a fake credentials box and fake support hotline to call to boot!
And worst of all, they actually called the damn number! We (IT/company) got very lucky that the scammers on the other end were only hunting for personal computers to pilfer information from, since the user was on a company issued laptop. The user is a mid level employee in the company too, so any kind of credential compromising, or g-d forbid a remote session, could have done some damage.
Thankfully, due to the cybersecurity background I've gotten via my Security+ and CCNA certs, I knew what was happening as soon as the user was describing it to me, and was able to get them in a calm state, and then follow up with the sysadmin with useful information to escalate the situation quickly. I'm gonna have to re-image the computer on the spot, in the office, after this user was supposed to be clocked out for the day. What a mess!