Are you a bad phisher or a good phisher?

Phishing emails, they’re a big deal.


That’s probably because ~91% of data breaches start with a phishing email.


In response to the sheer volume of phishing emails out there, many companies include sending simulated phishing emails to their employees as part of their cybersecurity awareness program. The frequency, content, and punishment for failure can run the gambit.


A few bad phishers have made headlines, and now the question ‘to phish or not to phish’ your employees is a hot topic.


What did they do?

They sent simulated phishing emails to their employees promising big bonuses (up to $10,000) as a thank you for all their hard work during COVID. They said their company had been receiving similar phishing emails IRL, and it made sense to simulate these types of emails.


The worst phisher of all didn’t even tell employees for TWO DAYS that they failed the test. Many of those employees spent their ‘bonus money’ during those two days.





What happened next?

The employees got pissed. The employees got vocal. The employees complained. Negative press. Demands for payments of bonuses.


WHY DID THESE PHISH STINK SO BAD?

  1. They didn’t tell the employees in a timely manner that they failed the phish (it should be immediate)
  2. They ignored the current climate (layoffs, pay cuts, and reduced hours make for a sensitive workforce)
  3. The phishing email was from their actual email domain (an email coming from a hacked account is different than someone impersonating you)


How are you phishing? Are you sending the right Phish at the right time? If you’re feeling queasy about phishing after reading this, let’s chat about how phishing with purpose can change the entire direction of your phishing program and your employee’s thoughts on phish.


Do you remember reading about any of these bad phishers in the news? Comment below, and let me know your thoughts.

Location: Lincoln, NE, USA

Comments

Post a Comment

Popular posts from this blog

Is that love in the air or catfish?

Image
  Hey  Ah, Valentine’s day. The holiday of love is quickly approaching. All this love in the air can only mean one thing, catfishing scams are ramping up. What's catfishing? Fraudsters try to take your money by pretending to be a love interest or playing on your emotions. It normally starts off as a direct message on social media or email, but it even happens on dating websites. A catfish scam can quickly ruin your Valentine’s Day. Not only did you get tricked, emotionally kicked in the gut, you also probably lost a lot of cash. Avoid heartache by watching out for these catfishing red flags: A new social media profile with very few friends They never want to show their face on video or meet in person Super fast expressions of love Sudden Major Expenses - and they ask you to help fund it They were going to finally meet you in person, but now this super horrible thing suddenly happened and they can't. They'll ask you for money to fix their car or pay that doctor's bill! G
Read more

Cybersecurity Careers

Image
The theme for Week 2 of Cybersecurity Awareness Month is Explore. Experience. Share. (Cybersecurity Careers) Cybersecurity is one of the hottest sectors today, with new threats and challenges emerging daily. There is a huge push in the business and education sectors to attract individuals to a cybersecurity career. Are you or someone you know interested in joining this exciting workforce? Here are a few reasons to pursuing a career in cyber. Hot Job Market To say that the cybersecurity jobs market is hot is a vast understatement. According to the U.S. Bureau of Labor Statistics, the job market for information security analysts will grow by 32 percent by 2028 -- making it one of the fastest growing job sectors -- there will be 3.5 million unfilled cybersecurity jobs in 2021. This means that cybersecurity professionals are among the most in-demand around the world and will be for years to come. Infinite Room for Personal and Professional Growth Beyond the ability to get a cybersecurity j
Read more

Here’s to cheating, stealing, fighting, and drinking

Image
 I'd like to share this Irish toast with you in honor of St. Patrick's Day. Here’s to cheating, stealing, fighting, and drinking. If you cheat, may you cheat death. If you steal, may you steal a woman’s heart. If you fight, may you fight for a brother. And if you drink, may you drink with me What are your St. Patrick's day plans? Comment below - I need ideas!
Read more