Cybersecurity - Memes

1902 readers

12 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago

MODERATORS

Sam1232188@lemmy.world

neurohost@lemmy.world

Alphadef@programming.dev

CannaVet@lemmy.world

Phishy (i.imgur.com)

submitted 3 months ago by TehBamski@lemmy.world to c/cybersecuritymemes@lemmy.world

31 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] Hagdos@lemmy.world 8 points 3 months ago (14 children)

My company started with mandatory cybersecurity trainings for all employees. The training tool sends out automated emails to remind you when you have to do a new part of the training.

These emails, from a cybersecurity course, followed all the rules of being a phishing email:

Sent from a non-company server
Had a big red button to click here
Urged you to take action ("You have 5 days to complete your training")

IT decided to fix that, by adding a line to the emails that this email is really from our company. Like a phisher wouldn't think of saying "nah, trust me bro, I'm totally legit"

[–] Randomocity@sh.itjust.works 1 points 3 months ago (2 children)

The correct solution to this is to have the training emails say to log in to take the training, no link in the email at all

[–] SpaceCowboy@lemmy.ca 1 points 3 months ago (1 children)

A better way would be to have the link be to the company's webserver which could then redirect to the external course.

I offered to set this up for my company (it's not that hard) but nah, they went with telling everyone to click on a link to an unfamiliar site to learn about why they shouldn't click on links to unfamiliar sites.

[–] Randomocity@sh.itjust.works 1 points 3 months ago

Then you are still trusting people to hover the link before clicking which from what I've seen isn't the best. Though there is the added benefit of using this as additional training to hover...

load more comments (11 replies)