You are viewing a single thread.
View all comments View context
36 points

A friend (who actually works in IT) apparently has a good system at his company. It actually automates turning real phishing attempts into internal tests. It effectively replaces links etc and sends it onwards. If the user actually clicks through, their account is immediately locked. It requires them to contact IT to unlock it again, often accompanied by additional training.

permalink
report
parent
reply
2 points

Wait. So your friend’s company has the ability to reliably detect phishing attacks, but instead of just blocking them outright, it replaces the malicious phishing links with their own phishing links, sends those on to employees, and prevents them from doing their jobs of they fall for it?

Sounds like your friend’s company’s IT people are kind of dickheads

permalink
report
parent
reply
9 points

I work at a company that does something similar; it can be annoying to deal with these fake phishing emails from our own IT, but a 10-15 minute training session if you fail is a lot less disruptive than what can happen if you clicked the real link instead.

I consider myself a bit more tech-savvy than average, but I’ve almost fallen for a couple of these fake phishing emails. It helps me to keep up with what the latest versions of these attacks look like (and keeps me on my toes too…)

permalink
report
parent
reply
2 points

Well the company probably can’t detect them reliably, so wih the ones it does detect it trains them to avoid the ones that they can’t detect.

permalink
report
parent
reply
2 points

It’s not every phishing email. I think it’s technically those that get through the initial filters, and get reported, but don’t quote me on that. Apparently it’s quite effective. They also don’t need to report every one. It’s only if they do something that could have compromised the company that causes a lock down. It’s designed to be disruptive and embarrassing, but only if they actively screw up.

permalink
report
parent
reply
2 points
*
Deleted by creator
permalink
report
parent
reply

Comic Strips

!comicstrips@lemmy.world

Create post

Comic Strips is a community for those who love comic stories.

The rules are simple:

  • The post can be a single image, an image gallery, or a link to a specific comic hosted on another site (the author’s website, for instance).
  • The comic must be a complete story.
  • If it is an external link, it must be to a specific story, not to the root of the site.
  • You may post comics from others or your own.
  • If you are posting a comic of your own, a maximum of one per week is allowed (I know, your comics are great, but this rule helps avoid spam).
  • The comic can be in any language, but if it’s not in English, OP must include an English translation in the post’s ‘body’ field (note: you don’t need to select a specific language when posting a comic).
  • Politeness.
  • Adult content is not allowed. This community aims to be fun for people of all ages.

Web of links

Community stats

  • 11K

    Monthly active users

  • 2.6K

    Posts

  • 53K

    Comments

Community moderators