this post was submitted on 13 Sep 2023

467 points (98.7% liked)

Tech Support Memes

2267 readers

1 users here now

Memes about IT and computer related things, funny screenshots, or things you see out in the wild.

founded 2 years ago

MODERATORS

TheWaterGod

467

Was that wrong? Should I not have done that? (lemmy.ca)

submitted 2 years ago by TheWaterGod to c/techsupportmemes

16 comments fedilink hide all child comments

all 17 comments

sorted by: hot top controversial new old

[–] [email protected] 25 points 2 years ago

Does employee training
Still immediately clicks phishing link...

[–] Rentlar 22 points 2 years ago* (last edited 2 years ago) (1 children)

I find that Cybersecurity training emails hit every red flag for a phishing email even if it's legit:

From an external organization without my company's letterhead.
Automated and I receive it at like 4am
A message saying something to the effect of "IT has assigned important training for you"
A link whose URL is a long string to an unidentifiable site
Clicking the link immediately takes you to a login page to enter your company email.

If I wanted access to someone email and password maliciously, I'd totally make a cybersecurity training site like http://cybersecuritytraining.biz, tell people they are due for company cybersecurity training just like this and I bet I'd get a lot of accounts.

[–] [email protected] 10 points 2 years ago (1 children)

We recently got those training mails (legit ones just to make that clear) and the IT got so many tickets about it despite telling us that they were planned and showed an example of how they looked on teams, they had to make another post that essentially said „yes, this is legit, you can click the link.“

It amused me greatly.

[–] Fiivemacs 6 points 2 years ago (1 children)

It just means you all passed step one of phishing training. Ask someone else so the blame is on them when shit hits the fan.

[–] [email protected] 3 points 2 years ago

Yes totally. But it was also funny how that is the thing everybody is drilled on to the degree of wanting to make super extra sure.

[–] [email protected] 18 points 2 years ago (1 children)

The last two companies I worked for had frozen wages due to market instability for years. Its amazing how they managed to make record profits quarter over quarter. They don't care about my bottom line, I don't care about theirs. I started opening every attachment that came my way.

[–] [email protected] 4 points 2 years ago* (last edited 2 years ago)

https://lemmy.world/post/4200501

[–] [email protected] 11 points 2 years ago (2 children)

My work sends out fake phishing emails and the people who click them get in trouble. Of course, they always come from one particular address that I blocked.

I wish they'd do more realistic emails though. "You won a prize you didn't apply for!" is pretty basic. If it was one of those fake invoice PDFs I always get on my personal, I'd totally let a trojan onto the work network.

[–] [email protected] 11 points 2 years ago (1 children)

If it was one of those fake invoice PDFs I always get on my personal, I’d totally let a trojan onto the work network.

At least I'm not the only one. It took me half a minute to realise, then I went to IT with my tail between my legs.

[–] [email protected] 5 points 2 years ago* (last edited 2 years ago)

realise

went to IT

If anything, they should commend you.

[–] [email protected] 3 points 2 years ago

https://lemmy.world/post/4200501

[–] [email protected] 8 points 2 years ago

LTT Moment.

[–] [email protected] 6 points 2 years ago

Well I hate the company that I'm currently employed by so

[–] [email protected] 5 points 2 years ago

It's about average. Some of the emails are very bad. Some of them are quite sophisticated.

Do education, send out a reasonable amount of testing, and if you can keep it below 15% you are in a pretty good spot.

[–] [email protected] 2 points 2 years ago

Haha this is me I'm pretty trusting

[–] [email protected] 0 points 2 years ago (1 children)

Quad9 DNS