• Square Singer@feddit.de
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Our phishing test emails have a special header so they are ignored by the spam filter.

    I created an email filter that checks for this header and sends all emails with that header into the spam folder.

  • RetroRandy@kbin.social
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    I quit reporting any emails at my job. Reported one from an outside source once, but it wasn’t technically a phish. So I received mandatory online safety courses for “wrongly reporting a phishing scam”. Which was the same courses I was already forced to take a few months prior. I was pissed.

    • chrisd@kbin.social
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      I safely opened an obvious phishing mail to see the tactics they employed - not realizing our company signed up with a company to “test” its employees. I was then required to attend mandatory phishing training - I refused on the grounds that I didn’t fall for the attempt. The “you must attend by” date came and went and I never heard anything more about it from IT. I, too, was pissed.

      My favorite thing now is to report mails from the head of IT as phishing emails (e.g., “…we are seeing an increase in phishing attacks around this rando topic. Click here to learn more…”). Test me once, shame on me…