Happened at my workplace. An phishing email went out to test how likely people were to click the link.
Anyone who clicked the link had to take phishing training. Anyone who forwarded it to our internal “hey this is a phishing email” service also had to take training… because the internal service would automatically click the link.
They got me good with this one time. It looked like a newsletter from like Seattle times or something, I was like I didn’t sign up for this shit and immediately clicked the unsubscribe link, boom enrolled in training. Well played, guys.
Yeah, I’m very confused by this. Why do the users notifying IT have to do the training?
I’ve worked a help desk before, while after dozens of people sending it in we don’t really need it forwarded anymore, people don’t know that until we get the I’d still rather people forward it than click it. Ignore and delete is best since I guarantee someone will forward it to IT, but forwarding (even forwarding and asking) is never bad and demonstrates good awareness.
Random but what I always wonder is: what’s the point of forwarding?
Are we assuming they’re attaching the original email’s source so that the headers can be used to determine the source? Without that, the only thing useful I can think of would be any links in the email body.
Asking because I’ve owned an email address or two that got leaked in data dumps so I go crazy tracking down the sending server’s owner, any companies they’re pretending to be, any domain registrars, etc. and a lot of that requires analyzing the headers.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !programmerhumor@lemmy.ml
Post funny things about programming here! (Or just rant about your favourite programming language.)
Rules:
Posts must be relevant to programming, programmers, or computer science.
No NSFW content.
Jokes must be in good taste. No hate speech, bigotry, etc.
Good ideer, thanks
?
?
Could a swore I typed good idea. Was prolly high AF lol
Cletus dun took over yer kee-clicky box n typed it fur ye.
This guy fucks
Only cuzin Ellie tho, we got rules
Thought you were just speaking dutch
Am Dutch, cannot confirm, I haven’t got the foggiest what an ideer is.
It’s Apple’s new smart deer technology
Happened at my workplace. An phishing email went out to test how likely people were to click the link.
Anyone who clicked the link had to take phishing training. Anyone who forwarded it to our internal “hey this is a phishing email” service also had to take training… because the internal service would automatically click the link.
They got me good with this one time. It looked like a newsletter from like Seattle times or something, I was like I didn’t sign up for this shit and immediately clicked the unsubscribe link, boom enrolled in training. Well played, guys.
sounds like the internal phishing service should be the one needing to do training
Yeah, I’m very confused by this. Why do the users notifying IT have to do the training?
I’ve worked a help desk before, while after dozens of people sending it in we don’t really need it forwarded anymore, people don’t know that until we get the I’d still rather people forward it than click it. Ignore and delete is best since I guarantee someone will forward it to IT, but forwarding (even forwarding and asking) is never bad and demonstrates good awareness.
Random but what I always wonder is: what’s the point of forwarding?
Are we assuming they’re attaching the original email’s source so that the headers can be used to determine the source? Without that, the only thing useful I can think of would be any links in the email body.
Asking because I’ve owned an email address or two that got leaked in data dumps so I go crazy tracking down the sending server’s owner, any companies they’re pretending to be, any domain registrars, etc. and a lot of that requires analyzing the headers.
Ah, yeah, forward as attachement of course.
IT can look up the original (including all headers) based on the forwarded content. It’s on the same mail server.
Oh that’s right! Wow!! Really feeling dumb for that one now.
The URL likely is unique per user. They forward it, IT clicks the link, it registers that that user clicked the link even though IT did it.
stop that part then
If only I had the power
I mean, just don’t click anything in a phishing e-mail
What if I click it a lot?
knock yourself out
Stop doing that in a phishing e-mail then
/sNeither close it
I hate this guy from bottom of my core
“I know I know, Leon is talking backwards, this isn’t good”