• @[email protected]
    link
    fedilink
    English
    1141 year ago

    Happened at my workplace. An phishing email went out to test how likely people were to click the link.

    Anyone who clicked the link had to take phishing training. Anyone who forwarded it to our internal “hey this is a phishing email” service also had to take training… because the internal service would automatically click the link.

      • @[email protected]
        link
        fedilink
        57
        edit-2
        1 year ago

        Yeah, I’m very confused by this. Why do the users notifying IT have to do the training?

        I’ve worked a help desk before, while after dozens of people sending it in we don’t really need it forwarded anymore, people don’t know that until we get the I’d still rather people forward it than click it. Ignore and delete is best since I guarantee someone will forward it to IT, but forwarding (even forwarding and asking) is never bad and demonstrates good awareness.

        • @jcgA
          link
          171 year ago

          Yeah, I’m very confused by this. Why do the users notifying IT have to do the training?

          The URL likely is unique per user. They forward it, IT clicks the link, it registers that that user clicked the link even though IT did it.

    • @[email protected]
      link
      fedilink
      91 year ago

      They got me good with this one time. It looked like a newsletter from like Seattle times or something, I was like I didn’t sign up for this shit and immediately clicked the unsubscribe link, boom enrolled in training. Well played, guys.