this post was submitted on 10 May 2024
1288 points (98.6% liked)

Comic Strips

12626 readers
3081 users here now

Comic Strips is a community for those who love comic stories.

The rules are simple:

Web of links

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] cerement@slrpnk.net 10 points 6 months ago (4 children)

except too many companies take that extra step of being annoying:

  • you get a write up if you fall for the phishing
  • you get a write up if you don’t fall for it but also fail to report it
  • you get a write up if you don’t fall for it and do report it but don’t use the correct report form
[–] MotoAsh@lemmy.world 9 points 6 months ago (1 children)

We're supposed to forward the spear fishing emails to IT but I always just report as spam and go about my day. Was only nervous the first couple times I ignored an obvious internal phishing test but apparently they don't care if we don't fall for it.

[–] BubbleMonkey@slrpnk.net 2 points 6 months ago

Mine was like that too so I just deleted them and moved on. I sat right next to the security team and would thus know when they were going out, so they gave no shits as long as you didn’t fall for it.

It also helped that my team was the only in the company that didn’t really get email. Everyone else got hundreds a day (no joke, they used way too many mail lists) and we got maybe 5-10, all internal or auto-generated, so everything was super obvious, and IT was well aware of this.

[–] HubertManne@kbin.social 7 points 6 months ago

you also fail if you use the right form but don't staple a cover sheet for the tps form followup.

[–] criticon@lemmy.ca 2 points 6 months ago

Yeah my company sets a goal of how many you need to report every year, if you don't then you need to take mandatory training (same if you fail and click on a link)

[–] Boozilla@lemmy.world 2 points 6 months ago

Where I work, they haven't taken it that far yet. But I would not be surprised if they go to that in the future. The email rules / filters can still help with it.