• AwkwardLookMonkeyPuppet
    link
    English
    195 months ago

    My company sends out the phishing tests, but never provides any user feedback about them, so they’re worse than useless. If you click the links then oh well. If you report them then oh well. They’re pointless.

  • slazer2au
    link
    English
    195 months ago

    Make a rule that says if knowb4 or Phish.me are in the header move to the trash.

    Bonus points move it to your junk folder and report it to make it look like you know a spam email when you see one.

    • @[email protected]
      link
      fedilink
      English
      205 months ago

      I thought about changing the headers for our tests to avoid this, but honestly if someone is doing that I’m not very concerned about them, lol.

  • @Crashumbc
    link
    English
    135 months ago

    I had a co-worker that never checked voice mail. Didn’t know how, he would just look at who called him and call them back.

    • @[email protected]
      link
      fedilink
      10
      edit-2
      5 months ago

      I do that.

      I choose not to learn how our voicemail system works, so I can always claim I haven’t gotten around to setting it up.

      I don’t want to encourage colleagues to leave rambling voice messages when they could easily send me an email, which will both reach me sooner, and more clearly communicate their point.

      If it’s something that must be a phonecall, then the fact that I missed a call from them does the trick of getting me to call back, without anyone needing to interact with a talking computer.

      Edit: people I like working with (mainly people whose work betters the world, or results in my earning more money) get a call back without needing to leave a message. Everyone else can send an email.

    • AwkwardLookMonkeyPuppet
      link
      English
      85 months ago

      At my last job they never even told me that I had a phone line or a voicemail. I found out about it after being there for 2 or 3 years. I had over 500 voicemails. It’s weird that I had either of those things, and that other people were using them, since we primarily communicated through slack.

      • @dejected_warp_core
        link
        45 months ago

        I did something similar at my last gig. I was issued a work cellphone, as was everyone else. Desk phones were a thing, but so was liberal work-from-home. So hardly anyone used the desk phones, and I never requisitioned one.

  • @[email protected]
    link
    fedilink
    125 months ago

    My company marks missed phishing tests as bad. I think if you miss 3 or 4 then it’s like falling one so you have to take some training

  • Franklin
    link
    105 months ago

    I’m so ashamed. They sent out a phishing test the other day and I was extremely tired because it was like seven a.m. and I opened it and I immediately realized what I had done.

  • @Broken_Monitor
    link
    105 months ago

    Settle an argument for me: Is there anything wrong with just opening a phishing email? No replying, downloading attachments or clicking links. Just opening it.

    • @[email protected]
      link
      fedilink
      English
      15
      edit-2
      5 months ago

      Generally no-- the payload typically comes from some sort of interaction (click a link, open an attachment, reply to the message). There have been some zero interaction attacks with emails before. Like for example, when the email is previewed in the reading pane in Outlook. These are exceptionally rare and not what we’re training against when we do phishing training.

      That said, if you know an email is phishing it’s always best to not interact with it at all, but you really can’t always tell by the sender and subject line alone.

      • GreatAlbatross
        link
        fedilink
        English
        55 months ago

        It also depends if your client downloads embedded content (images) by default. (For example, a publicly hosted email signature image, rather than an image attached to the email).

      • @dejected_warp_core
        link
        25 months ago

        In the case of using the preview pane, there’s a subtle case of displaying external images (img src in HTML) where an attacker can get an idea of what content is getting past email filters. The client will just download the image automatically, and the attacker’s webserver logs the activity. I think that can be turned off in various email clients, but folks have to be savvy enough to know to do it.

        • @jaybone
          link
          35 months ago

          Doesn’t thunderbird by default not download external images?

          Also if I was working IT for some company I would make sure all email clients were configured that way.

    • @WagnasT
      link
      85 months ago

      There may not be enough info in the subject line to tell if it is phishing so I think the point is moot. I guess the threat vector could be a zero day exploit for your email client in the body of the message but I don’t see how you’ll be able to detect a problem from just the headers unless it’s really obvious.

      • @Broken_Monitor
        link
        85 months ago

        For context, my gf’s employers have been scolding people for opening them and I think that’s bullshit, mainly for what you just said

        • @[email protected]
          link
          fedilink
          25 months ago

          Yeah. If you’re targeted by a 0day you don’t really have a chance. If someone uses a 0day they might aswell spend 2 minutes checking the mail for plausibility.

          If it’s not a 0day and your company hasn’t patched, probably not your problem. Curiosity > risk of 0day

          Otherwise, if we extend this lane of thinking, you couldn’t visit any website you don’t know 100% is trustworthy. There could always be a 0day in your browser.

    • @[email protected]
      link
      fedilink
      English
      15 months ago

      If you use Outlook/Windows then opening it is sometimes enough. Swap to GSuite if you can.

  • @blazeknave
    link
    35 months ago

    Got props for being the only one up to date on patches. All I actually did was show up late to a meeting bc it restarted itself against my will.