this post was submitted on 04 Oct 2023
518 points (93.8% liked)
Programmer Humor
32410 readers
552 users here now
Post funny things about programming here! (Or just rant about your favourite programming language.)
Rules:
- Posts must be relevant to programming, programmers, or computer science.
- No NSFW content.
- Jokes must be in good taste. No hate speech, bigotry, etc.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Happened at my workplace. An phishing email went out to test how likely people were to click the link.
Anyone who clicked the link had to take phishing training. Anyone who forwarded it to our internal "hey this is a phishing email" service also had to take training... because the internal service would automatically click the link.
sounds like the internal phishing service should be the one needing to do training
Yeah, I'm very confused by this. Why do the users notifying IT have to do the training?
I've worked a help desk before, while after dozens of people sending it in we don't really need it forwarded anymore, people don't know that until we get the I'd still rather people forward it than click it. Ignore and delete is best since I guarantee someone will forward it to IT, but forwarding (even forwarding and asking) is never bad and demonstrates good awareness.
The URL likely is unique per user. They forward it, IT clicks the link, it registers that that user clicked the link even though IT did it.
stop that part then
If only I had the power
IT can look up the original (including all headers) based on the forwarded content. It's on the same mail server.
Ah, yeah, forward as attachement of course.