undefined | Better HN

0 pointsSpivak5mo ago0 comments

I'm so surprised by this, not because I don't think that many people would fall for a phishing attempt, but because the corporate "training" phishing emails are so glaringly obvious that I think it does a disservice to the people being tested. I feel like it gives a false impression you can detect phishing via vibes when the real ones will be much stealthier.

Are your phishing emails good? If so if you don't mind name dropping the company so I can make a pitch to switch to them.

0 comments

CJefferson5mo ago

I had the opposite problem recently, I got a work phishing email from netflix.com . Now I still shouldn’t have clicked on it, netflix isn’t attached to my work email, but you couldn’t actually send a phishing email from account@netflix.com, they had to give access to our inboxes so the phishing company could manually drop it into our inboxes.

masklinn5mo ago

Like many other scams, an “obvious” entry point can be very useful as it makes victims self-selected, and a lot more likely to follow to completion. Even if the opportunity cost of phishing is low, having nobody report the attempt makes for a longer window of operation.

j / k navigate · click thread line to collapse

0 pointsSpivak5mo ago0 comments

Are your phishing emails good? If so if you don't mind name dropping the company so I can make a pitch to switch to them.

0 comments

CJefferson5mo ago

masklinn5mo ago

j / k navigate · click thread line to collapse