this post was submitted on 29 Mar 2025
984 points (98.8% liked)

[Moved to !iiiiiiitttttttttttt@programming.dev, check pinned post.] iiiiiiitttttttttttt.

906 readers
1 users here now

you know the computer thing is it plugged in?

Moved to !iiiiiiitttttttttttt@programming.dev.

founded 2 years ago
MODERATORS
Irelephant@lemm.ee
rindecision@lemmy.world
irelephant@lemmy.world
984
The devil did this. (lemm.ee)
submitted 1 month ago by Irelephant@lemm.ee to c/iiiiiiitttttttttttt@lemmy.world
126 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] digdilem@lemmy.ml 3 points 1 month ago (1 children)

This is not reliable.

Phish training companies are using a huge variety of domains, including look-alikes relevant to the test - including valid spf/dkim/dmarc configurations. Exactly as real phishers do - and there's no effective way to automate their filtering.

[–] slazer2au@lemmy.world 1 points 1 month ago (1 children)

Are you sure? Have you ever looked at the header of an email from knowb4 or phishme? The emails come from their own mail servers.

[–] digdilem@lemmy.ml 4 points 1 month ago

Yes, absolutely. We used to use knowbe4. I'm not saying they didn't do this in the past, but I know for certain they didn't when I checked.

There were obviously hints - the campagns are designed to be detectable - but easy filtering was not one of them, that would be stupid.