• jellyka@lemmy.ca
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    I know some place where the phishing emails were immediately spotted by the employees because the ceo has awful punctuation and grammar, the phishing email looked too clean to be real lmao.

  • squiblet@kbin.social
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    I know it’s different as this is about business security, but my favorite is when people think the Sheriff or the IRS is demanding payment in eBay gift cards.

    • lazylion_ca@lemmy.ca
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      My favorite is an email attachment called Totally Important Document.zip and the antivirus wont let them open it, so they open a ticket requesting to turn off the antivirus because its impeding their work.

    • AutomaticJack@beehaw.org
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      New threats slip through, it will always happen. It’s why user training is an important part of security for a company.

      It’s not a case of if there will be a security incident but when, you can only limit the likelihood and damage.

    • Simran@lemm.ee
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      Modern day reliability and security best practices are based on planning for failures assuming they are all inevitable.

      Back in the old days we would just assume everything is going to work out but that just isn’t sustainable now with how complex and expansive systems have become. Basically, there are too many moving parts to account for every single possibility so people should expect systems to fail and know how to react when it happens.