Everyone gets yearly mandatory training. And every time you open Outlook, you get a reminder to stay vigilant, with a fun cartoon from the graphics department that changes daily to keep peoples’ attention.
Last year someone in the upper half of the food chain fell for a phishing mail. We nuked his account and recreated it with “p.lastname” instead of the usual scheme “peter.lastname” .
He had to inform all his contacts about his new e-mail address, and his coworkers called him pee-dot behind his back for a while.
After that, people got a lot more careful, it was better than any training.
But somehow, it’s usually upper management that’ll call the IT lead and demand to unblock a website RIGHT NOW because they need it, and when you check it out, it’s a phishing link.
Everyone gets yearly mandatory training. And every time you open Outlook, you get a reminder to stay vigilant, with a fun cartoon from the graphics department that changes daily to keep peoples’ attention.
Last year someone in the upper half of the food chain fell for a phishing mail. We nuked his account and recreated it with “p.lastname” instead of the usual scheme “peter.lastname” .
He had to inform all his contacts about his new e-mail address, and his coworkers called him pee-dot behind his back for a while.
After that, people got a lot more careful, it was better than any training.
But somehow, it’s usually upper management that’ll call the IT lead and demand to unblock a website RIGHT NOW because they need it, and when you check it out, it’s a phishing link.
Time to fire upper management
Well yeah, those with power have the power to not listen to the skilled people below them