this post was submitted on 19 Aug 2024
190 points (99.5% liked)

Cybersecurity - Memes

1891 readers
2 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago
MODERATORS
Sam1232188@lemmy.world
neurohost@lemmy.world
Alphadef@programming.dev
CannaVet@lemmy.world
190
Does your company do phishing simulations? (feddit.org)
submitted 3 weeks ago* (last edited 3 weeks ago) by cron to c/cybersecuritymemes@lemmy.world
33 comments fedilink hide all child comments
 

We found out that 10% of our users entered their password.

you are viewing a single comment's thread
view the rest of the comments
[–] Vinny_93@lemmy.world 9 points 3 weeks ago (1 children)

They haven't fooled me yet. They're actually fairly easy to spot.

[–] clif@lemmy.world 3 points 3 weeks ago (1 children)

The last round my company did was pretty damn good. The email itself was well done and professional looking. They even registered a domain that was one letter different than the company name for the source email domain and the phishing form.

It was still one of those things that makes you hesitate like "your password has expired, click here to reset it" and the email client blatantly flagged it as being from outside our true domain. The client warning was the easy thing to spot, the rest was really well done.

[–] APassenger@lemmy.world 4 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

That's the odd thing with where I work, until recently all the phishing simulations were from within the company domain and so lacked the [External...]

It's not impossible for an already infiltrated network, but I still expect to see that it came from outside. Maybe that's me, tho.

Wdits: spullings <- like those

[–] clif@lemmy.world 1 points 3 weeks ago

Wow, that is impressively sneaky to use the legitimate domain.