• 5714@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    7
    ·
    5 months ago

    Then both the csec course failed to educate the employees, because a responsible trained employee would report or ignore those mails lol

    • Hagdos@lemmy.world
      link
      fedilink
      arrow-up
      7
      ·
      5 months ago

      The emails were mass reported, up to the point there was an internal message sent around to stop reporting them because they are legitimate. Of course, no action was taken to make them look less suspicious.

      If I’d ever want to phish someone at my company, I’d know exactly what to do. Make the email look exactly like the training ones.