Eric Replatformed: My company: click this link to take your cybersecurity training immediately or risk termination Training: be wary of emails creating a sense of urgency and fear asking you to click a link

My company: click this link to take your cybersecurity training immediately or risk termination Training: be wary of emails creating a sense of urgency and fear asking you to click a link

I take far more joy than I should, in reporting corporate email that fits training the definition of spam as spam.

Me too

Was in DEI training the other week, and HR mentioned their low response rate to surveys. One of the participants pointed out that the survey emails check off basically every red flag for phishing. HR, despite also doing the phishing training, was surprised by this feedback.

It me

A few weeks after mandatory security training, our HR dept sent a company wide email that mainly consisted of "click this link to view a message from our CEO"

People in my Org, including the CyberSecurity Director, will send an email with a link and add "This link is safe to click". OK then. Let's fucking party!

🤣🤣🤔

If you don't click the link, do you automatically pass the training?

Adult Content

Labeled by Bluesky Moderation Service

If you're me, six months later you get an email from your boss telling you to take the damn training already or you're not eligible for a merit raise.

Be sure to ask for confirmation in writing that this definitely isn't a cyberattack first, and that your boss takes full responsibility for any consequences to your clicking on a link in a suspicious looking email before doing it. Just in case.

Adult Content

Labeled by Bluesky Moderation Service

The IT dept at a former employer used to send out emails with blind links that went back to them. If you clicked, you got scolded, if you emailed to report it as possibly fraudulent you got an "atta-girl/boy"

We get those at my company - sadly, they’re WAY more obvious than the actual phishing emails so I don’t know that it’s really teaching people anything.

There's the problem that people will get used to the "training emails" being sent too, so that they take the phishing emails less seriously thinking they're just another training test.

Adult Content

Labeled by Bluesky Moderation Service

So true. Although to her credit the woman who manages them for my office always precedes them w/ an email from her individual address saying "Our vendor is about to send the monthly training. Here's a screenshot of what it will look like. Yes, it's safe to click it. Please click it."

My agency: beware of emails from EXTERNAL. My agency: we’re shifting our IT ticket system to an EXTERNAL contractor.

Our lot like to test you by sending irregular fake "phishing" email, and if you identify them as phishing you pass the test, if you click the link you fail. What they don't appear to realise is there are header elements which allow easy identification, so I've set up a rule to "file them away".

All this trains in me is that I’m better off identifying all emails as phishing, and then I miss the important ones.

Lawd. Lawd. This is SO TRUE. I'm up to here with all this immediate online training completion or you're outta here!

Definitely report the email.

Such a good skeet

At my workplace, security has to keep sending out messages that the CEO will never send me a random email asking me to buy gift cards and send her the numbers from them. Who is falling for this nonsense?

These are people of the land. The common clay of the new West. You know... morons.

As long as we don’t have to get a shitload of dimes

🎯

Email from my boss: Here is something you really need to do that will take a long time. Me: Report Phishing.

The company that provided our web safety training leaked our personal data 😭

Failed the first test by clicking 😔

Literally I was not able to access our training through our Okta tiles and had to click an email link and told my manager that I thought that was hilarious

Omg truth

Post