My workplace does simulated phishing emails every Friday. If you click on them, they make you do training. Last month, someone’s email was breached and they started sending out tons of phishing emails, the users reported it en masse and we had dozens of reports within minutes - and these emails went out at 10PM on a weekend! Seems like our training works.
Last month all employees were invited to a mandatory security trainings via email that looked so incredibly suspicious, that hardly anyone showed up and Corporate had to send out a clarification plus new invites.
So, we were trained that even the most obvious phishing attempts might actually just be a crappy IT sec shop (and the “training” was about as good, as you’d expect).
The only time I clicked on one of those I was on a meeting with a client and my boss was also in the meeting (the client was sharing his screen). Suddenly I get an email from my boss telling me to review the attached pdf with a teams link and the title of the pdf was similar to the project we were working on
As soon as I clicked I got an “invitation” for additional training
My workplace does simulated phishing emails every Friday. If you click on them, they make you do training. Last month, someone’s email was breached and they started sending out tons of phishing emails, the users reported it en masse and we had dozens of reports within minutes - and these emails went out at 10PM on a weekend! Seems like our training works.
Last month all employees were invited to a mandatory security trainings via email that looked so incredibly suspicious, that hardly anyone showed up and Corporate had to send out a clarification plus new invites.
So, we were trained that even the most obvious phishing attempts might actually just be a crappy IT sec shop (and the “training” was about as good, as you’d expect).
The only time I clicked on one of those I was on a meeting with a client and my boss was also in the meeting (the client was sharing his screen). Suddenly I get an email from my boss telling me to review the attached pdf with a teams link and the title of the pdf was similar to the project we were working on
As soon as I clicked I got an “invitation” for additional training
Too bad your IT department doesn’t.