• Rentlar@lemmy.ca
    21·
    1 year ago

    I find that Cybersecurity training emails hit every red flag for a phishing email even if it’s legit:

    • From an external organization without my company’s letterhead.
    • Automated and I receive it at like 4am
    • A message saying something to the effect of “IT has assigned important training for you”
    • A link whose URL is a long string to an unidentifiable site
    • Clicking the link immediately takes you to a login page to enter your company email.

    If I wanted access to someone email and password maliciously, I’d totally make a cybersecurity training site like http://cybersecuritytraining.biz, tell people they are due for company cybersecurity training just like this and I bet I’d get a lot of accounts.

    • Kiloee@discuss.tchncs.de
      10·
      1 year ago

      We recently got those training mails (legit ones just to make that clear) and the IT got so many tickets about it despite telling us that they were planned and showed an example of how they looked on teams, they had to make another post that essentially said „yes, this is legit, you can click the link.“

      It amused me greatly.

  • DarkMatterStyx @lemmy.fmhy.netEnglish
    18·
    1 year ago

    The last two companies I worked for had frozen wages due to market instability for years. Its amazing how they managed to make record profits quarter over quarter. They don’t care about my bottom line, I don’t care about theirs. I started opening every attachment that came my way.

  • ✨Abigail Watson✨
    12·
    1 year ago

    My work sends out fake phishing emails and the people who click them get in trouble. Of course, they always come from one particular address that I blocked.

    I wish they’d do more realistic emails though. “You won a prize you didn’t apply for!” is pretty basic. If it was one of those fake invoice PDFs I always get on my personal, I’d totally let a trojan onto the work network.