My employer lets a private company send fake phishing mails to all staff in... - Infosec - kbin.social

frehi, 4 months ago

My employer lets a private company send fake phishing mails to all staff in order to train them. Now that company, which most personnel do not know, sends an e-mail in its own name to all our staff, asking them to click on a link to follow an anti-phishing training. So it looks like the message they are giving to all our staff is: it's OK to click on links from unknown companies, as long as they tell you that it's anti-phishing training. 🤦‍♂️ #phishing #infosec

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

+ oblomov

Image

Image alternative text

Viss, 4 months ago

@frehi this isnt 'training', so much as it is 'the lowest possible denominator in an ecosystem where companies have to prove they are doing a thing, and so snakeoil salesmen create garbage tier "solutions" for the box checkers'.

what you're experiencing is box checking, not training.

your org does this so their insurance is cheaper, and so they can pass certain compliance mandates

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

Federation

Status:

Instances:

/m/infosec

Microblog (3157)

Thread

frehi

@frehi@fosstodon.org

Added: 4 months ago
Online: -
Boosts: 1

Magazine

Infosec

@infosec@kbin.social

This magazine is dedicated to discussions on cybersecurity, network security, and information security.

Whether you are an IT professional, a cybersecurity enthusiast, or simply concerned about online privacy and security, this is the place for you.

Here you can share your knowledge, ask for advice, and discuss the latest news and trends in the world of cybersecurity. From encryption and malware to risk management and digital forensics, this category covers a wide range of topics related to information security.

Join the conversation and let's work together to keep our online world safe and secure.

Created: 1 year ago
Owner: ernest
Subscribers: 3669
Online: -

Moderators

ernest

Active people

Related posts

Security firm watchTowr has published its own analysis of CVE-2024-4577, a PHP-CGI vulnerability impacting Windows systems: https://labs.watchtowr.com/no-way-php-strikes-again-cve-2024-4577/...

Show more

4 days ago to random

Cybercriminals Abuse StackOverflow to Promote Malicious Python Package https://thehackernews.com/2024/05/cybercriminals-abuse-stackoverflow-to.html?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity...

Show more

6 days ago to Cybersecurity

Multi-day DDoS storm batters Internet Archive https://go.theregister.com/feed/www.theregister.com/2024/05/29/ddos_internet_archive/?utm_source=dlvr.it&utm_medium=mastodon #cybersecurity #infosec

Show more

7 days ago to Cybersecurity

It took some tinkering but got @QubesOS reinstalled during my #Twitch stream on my @purism Librem 14. Had to rework some of the steps based off documentation to get the #Monero with wallet isolation going. Basically grabbed the tar ball and extracted it to a folder in the template Qube and then had the...

Show more

6 days ago to Twitch

Related threads

University of Michigan employee, student data stolen in cyberattack

Show more

7 months ago to sysadmin

David Attenborough narrates a cyber attack

Show more

7 months ago to InfoSecMemes

Pretender: Your MitM sidekick for relaying attacks

Show more

1 year ago to toolsec

Support Us