Oh they’re targeted There’s even a term for it. It’s called whaling.
About punishment though, do companies normally “punish” people for being victims of a cyberattack? I could see them maybe make you take some cyber security training.
If they fired you, I wonder if the company would worry you might sue them for wrongful termination, claiming it wasn’t your fault.
Of course if they give you the security training and you still click the bad link, maybe they can use that as a justification for termination, where they will claim you were properly trained to avoid it.
That likely would happen, but it definitely shouldn’t. If someone clicks on a phishing link, that is the fault of the business for not training them well enough.
Oh they’re targeted There’s even a term for it. It’s called whaling.
About punishment though, do companies normally “punish” people for being victims of a cyberattack? I could see them maybe make you take some cyber security training.
If they fired you, I wonder if the company would worry you might sue them for wrongful termination, claiming it wasn’t your fault.
Of course if they give you the security training and you still click the bad link, maybe they can use that as a justification for termination, where they will claim you were properly trained to avoid it.
Yes, a pleb that clicked a link that brought the org to an expensive screeching halt for weeks, would have been fired
That likely would happen, but it definitely shouldn’t. If someone clicks on a phishing link, that is the fault of the business for not training them well enough.
You would almost certainly not win that wrongful termination suit.
But you might be able to drag it out long enough for a settlement.