3. Phish testing the company

Phish testing the company

This has nothing useful to your answer but... chuckling reading this from my yesterday. We started to use PhishMe about a year and a half ago. At that time we got an e-mail saying they were running a round of them and how to respond if a customer asked what it was. Then it happened again next quarter, and we got the same notice. Then, a year went by without them.. Meanwhile, our overall IT departments across major companies are merging, and more than 1/2 of IT has had turnover from early buyouts and then from several rounds of layoffs. So, the woman whose name is attached to this as the account contact in all documentation is no longer w/ the company. Yesterday our customers start getting these... the newly merged divisions in NY start getting them, too, and their IT doesn't know what they are. They don't seem to know we had previously used them even, because they were part of the sister company they've now merged everyone from. So, on their end they kick off the emergency plan to block the IP of the sender/etc., which is PhishMe, successfully do all that, but don't bother to actually send out any communication to the "new" team only to their old. Meanwhile I get notification that many got this e-mail message, so start doing research to see if it was really coming from them. Checked the headers, sending smtp server, called the host's support that owned the IP the e-mail embedded items were hosted by (Blue Box Cloud) and talked to their support to confirm it was owned by PhishMe (it was), matched their MX records back to PhishMe, etc... I conclude it's legitatmely from PhishMe and send everyone in the new group a reminder of the process to respond w/ customers, they respond saying no they've validated it's a spoof. I respond back w/ everything I know, they finally belived it enough and then I was able to get them the contact internally in charge now, blah blah blah, they unblock. Corporate bureaucracy at its finest.

Anecdotally about the service, one thing we're told about it is if a customer is concerned they will be reported to management for clicking on the test, we're told they do not do this and they're supposed to tell the customer not to worry and thanks, basically... To which I wonder if we aren't doing any reporting based off of it, what the point is, and why couldn't we just do this internally on our own?

/r/sysadmin Thread
Previous
Next

Recently removed from /r/sysadmin

I know of a crazy vulnerable Exchange server at my old work. What to do? Details inside. Intune Windows LAPS - Configuration Profile Applies Successfully, Yet Nothing Happens...Why? Woman starting in IT next month. Should I be worried or not? How to run a meaningful CyberSecurity Risk Workshop/Assesment Amazon Outage I don't know what I'm doing and I need help What's the point of using BitLocker with TPM instead of password when someone can always access your computer without entering a password on boot? How many of you despise IoT? Onboarding 1200 New Users - how to communicate passwords? Gen Z also doesn't understand desktops. after decades of boomers going "Y NO WORK U MAKE IT GO" it's really, really sad to think the new generation might do the same thing to all of us Modern SQL Express Backup Solution [GA] Employee claims she can't use Microsoft Windows for "Religious Reasons" So I got a "correctional talk" yesterday. Rant about new age "senior" IT "specialists" who don't know how to wipe their butt. Do you think remote work is slowly dying? Most companies seem to be pushing RTO, even big tech you folks think ?

More Random Comments

A Home for Your Pokémon Move Pokémon between compatible games, trade Pokémon on the go, and more with #PokemonHOME! Soft wheels concept on wheelchairs/bikes Sapiosexual I am in high school and its slowly starting to sink in how people view me What helps get you going the most in the morning? [OC] Every night, my middle school son draws a new comic on his bedroom door white board. They're pretty funny, so I started taking pics and posting them to an Instagram account . Here's today's post. I’m (30sF) burned out supporting my friend (40M) with PTSD and I lashed out at him [Help] My little girl passed today, I feel rotten for not being there to say goodbye People who cheated, why? Anyone know of an ad-on that warns you if a user posts in certain subs? Getting tired of accidentally interacting with TERFs or other bigots We need a Loona Only sub tbh Microsoft’s Surface Pro X is the world’s most extravagant Chromebook Japan and Germany confirm patients who caught coronavirus did not visit China Disabled man in UK starves to death after benefits stopped - Body discovered by bailiffs kicking in his door. NYC Skyscraper Museum-- why density is good