I always click to see if the phishing email is real or not!
Comment on Appreciation / shock at workplace IT systems
i_am_not_a_robot@discuss.tchncs.de 8 months ago
My favorite is when IT deploys software that replaces all the links in your e-mails with https://example.com/phishing/YiCdMdsY so you can’t tell whether the e-mail is phishing or not, frequently sends you very obvious fake phishing e-mails that interrupt your work by going straight to your priority inbox, and punishes anyone caught clicking on phishing e-mails. Then HR sends out e-mails that have all the indicators of low effort phishing and you’re supposed to click on those.
summerof69@lemm.ee 8 months ago
i_am_not_a_robot@discuss.tchncs.de 8 months ago
New action items have been assigned to you:
- Remedial cybersecurity training (4hr): due by Mar 22
summerof69@lemm.ee 8 months ago
BigMikeInAustin@lemmy.world 8 months ago
Had one of those. Very convincing. Showed my boss. My boss also thought I could be real. So I clicked it. The landing page was an internal “you’ve been caught” page. Then I got the phishing-email training assignment.
dai@lemmy.world 8 months ago
Gallagher were great at that, rubbish solution for “teaching” staff about phishing which would infuriate all staff caught in the net. Would come from internal email addresses too which, if one person’s email / credentials are compromised they’ve got bigger fish to fry.
possiblylinux127@lemmy.zip 8 months ago
Broken company mechanics in a nut shell
Konraddo@lemmy.world 8 months ago
Omg, my previous company did the same. But you missed a part. If you accidentally left out a real email, thinking it’s a scam, then the client will file a complaint.