Somebody in the IT department where I work has lost his mind over phishing possibilities.
Starting about a year ago, we would get email about something silly, like employee awards, or health benefits, or the like. The return address had the company address, and a link. Clicking the link took you to a site that told you you'd been caught in a phishing test and failed
We should always check the headers if the email, it says. But in its infinite wisdom, the IT department has blocked all but administrators from viewing full headers. I got into the habit of clicking every link I could, just to be difficult . I've long ago gotten bored with that and now simply delete 'em
Thus week the scam seems to be "blacked websites" , with a direction to log in at the linked site. Nobody has been quite stupid enough to actually log in, but this was followed by actually very authentic Emil from an actual IT telling us to click an icon on the toolbar, installed by IT ( and to follow the below link if it wasn't there).
In the 5 years I've been working there, the only phishing I've seen was generated by our IT trying to catch people.
Anybody suggest solutions to the suspicions of our IT VP?
Starting about a year ago, we would get email about something silly, like employee awards, or health benefits, or the like. The return address had the company address, and a link. Clicking the link took you to a site that told you you'd been caught in a phishing test and failed
We should always check the headers if the email, it says. But in its infinite wisdom, the IT department has blocked all but administrators from viewing full headers. I got into the habit of clicking every link I could, just to be difficult . I've long ago gotten bored with that and now simply delete 'em
Thus week the scam seems to be "blacked websites" , with a direction to log in at the linked site. Nobody has been quite stupid enough to actually log in, but this was followed by actually very authentic Emil from an actual IT telling us to click an icon on the toolbar, installed by IT ( and to follow the below link if it wasn't there).
In the 5 years I've been working there, the only phishing I've seen was generated by our IT trying to catch people.
Anybody suggest solutions to the suspicions of our IT VP?
via International Skeptics Forum http://ift.tt/26ziWry
Aucun commentaire:
Enregistrer un commentaire