this post was submitted on 10 May 2024
1288 points (98.6% liked)

Comic Strips

12636 readers
4088 users here now

Comic Strips is a community for those who love comic stories.

The rules are simple:

Web of links

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] Boozilla@lemmy.world 88 points 6 months ago (45 children)

I will think about this every time we have a meeting to discuss the stupid "shame and train" faux phishing attacks they run on us at work.

Pro-Tip: If you set up the right kind of filtering you'll never see those stupid things. (Fight club rules).

[–] Hossenfeffer@feddit.uk 10 points 6 months ago (5 children)

Alternatively, over-report. Spelling mistake on an email from a colleague? Seems phishy to me. Email from a colleague with an attachment? Phishy! Unsolicited email from a client? Phishy! Email from 'social committee' sent to everyone in the team? Phishy!!!

[–] Blueteamsecguy@infosec.pub 6 points 6 months ago (1 children)

Please don't.

I have to initiate those, or it looks bad for compliance. We sell software, we get SOC 2 attestations yearly. We start getting points marked off for very general security and compliance measures customers will question our products and not renew or not purchase in the first place, because if we can't even secure our own employees and promote awareness, what does that say about our product?

Sincerely, the guy everyone hates and makes your work life harder.

[–] Bartsbigbugbag@lemmy.ml 3 points 6 months ago

Maybe don’t gaslight people and they wouldn’t respond by assuming everything is more gaslighting.

load more comments (3 replies)
load more comments (42 replies)