this post was submitted on 29 Mar 2025
Except for the tiny fact that a phishing email wouldn't give a fuck about being "tone deaf" and would bank on the "nobody bad would ever send an email like this!".
Sure, a genuine phishing e-mail wouldn't give a fuck. But fake phishing e-mails sent from an employer should give a fuck about retention and employee engagement. Drawing attention to how much you don't care about your employees while exploiting their emotions isn't all that conducive to maintaining a healthy workforce/morale.
There are ways to demonstrate the lengths bad actors are willing to go without being a douche.
As an example, find out something the employer actually will be doing (or already does) and pre-empt it with a related, but not identical, phishing test. After the test has elapsed, send a follow-up explanatory e-mail with genuine content, e.g. "We won't pay you $10,000,000 to have a baby, but did you know about our generous maternity leave package?"
That implies they care about our feelings. When actually they want us to remember we only get paid if we're of pecuniary value to them. Even at a good company like mine.