The phishing attempts we get are usually pretty obvious but I almost got fooled by one last fall. I went to help out my grandparents for a little while since my grandfather was in poor health. I connected my work laptop to their wifi and a few hours later I got an e-mail that I had connected to an unsafe/unsecured/something network and any further violations would be escalated to my boss and had some link to address the matter. To that point I'd only ever connected to at the office or at home so it was pretty unsettling and looked rather legit. I thought it was ridiculous but luckily didn't click the link. I spent a few minutes looking at it and finally realized the e-mail address it came from was bogus (albeit pretty damn close to our internal IT ones) and reported it; simulated phishing attempt. Never would have even thought twice about it if I had been WFH as usual.
Speaking of phishing emails… My company has a wellness incentive program. Earn enough points and they give you $250 in an HSA/HIA. The geniuses that run the wellness department sent out an email to everyone who qualified with a subject line saying “Congratulations on your free money! Open this email to see the next steps” It was a very real email not intended to catch stupid people falling for phishing scams.
We had one of these as well which I think is particularly annoying because we have hired so many people in the past month or two. We work in healthcare with patient data so it makes sense that our IT department is incredibly focused on training people tonight get phished, but a phishing test with your health care insurance sending you what looks like a likely request is fucked up in my opinion.
Yeah I thought that one was ridiculous. You only have a certain small frame of time to complete your enrollment. It didn't seem realistic at all
I’ve been officially designated as competent to spot phishing emails as well as prevent door tailgating for the full calendar year 2022. #trainedup #staysharp #skippingaheadwillnotresultinacompletedmodule
That reminds me I haven’t done some IT training they sent out like a month ago. Maybe I should do that.
[Your Username], the jig is up, we've got your whole browser history and webcam footage. $500 to TMB or this gets posted right away
I’m not sure what I just witnessed. I walk into the bathroom at my office and I’m immediately hit with a strong shit smell. I take a step around the corner and see brown streaks ALL over the floor. I mean like full length of the bathroom. Almost like someone mopped with shit. I fucking tip toe through the poo minefield to see a toilet clogged with shit and TP. What transpired in there?!?
Problem is you can get shitcanned for only falling for a couple of these and I don't like that policy. Like my friend is an AWS architect who just joined fell for a phishing test saying you needed to sign up for your Cigna account given that he literally is getting new health insurance as part of this new job.
The phishing emails have gotten entirely too good. I know I have missed some real emails, but oh well. Haven't fell for shit!
I'm in California and they allowed us to transfer PTO to another employee due to a medical emergency. Not sure of all the rules. My company started blasting us with a United Way donation campaign this week. We got hit super hard by the pandemic and had to freeze all raises/promotions/bonuses/etc. No problem there, they sent us a 'Give Your Time' form yesterday where we can donate our PTO. Get. The. Fuck. Out.
Creating phishing emails for testing that deliberately take advantage of internal knowledge and information is a step too far. That goes against the concept. Especially someone knew who doesn’t even have enough time to be a true target. With that said supply chain account compromises and subsequent phishing is ramping up. We have had both suppliers and customers have their accounts compromised, hackers sit and watch their email conversations, then step in between impersonating us with intimate details asking reroute banking information. While that’s happening they fire off emails from the compromised account with “invoices” and try to spread.
It's not on the first offense but if you fall for multiple then they can revoke your access to certain resources and you'd likely be let go.
Nandor the Relentless, this is work IT calling. We need you to stick a magnet to your hard drive. Comply with this request now or face termination.
I can get behind that. Especially for a cloud architect. Never click anything unless you are 100% sure. It never hurts to ask.
Not really annoying as much as it is stupid but… we’re moving into a new warehouse and one of the questions the engineer had was how thick the concrete floor was (or that it was at least 6”). I told one of my warehouse guys to measure it, just drill a hole and see when you hit the dirt. stick a pencil in and mark it/measure it. He sends me a video where he marks the pencil 6” up from the eraser, then sticks the pencil in head first (not the eraser side, which was like 1-2” from the top of the pencil) and when the marker disappeared he used it as proof that it was 6” deep.
Starting tomorrow through at least February, my wife and I will both be working from home. Pray for me.
Racking but yeah same idea. The town wants to make sure the floor will support the weight I guess, beer is heavy.