Reply to post: Happening real time.

Go phish your own staff: Dev builds open-source fool-testing tool

Alistair Silver badge

Happening real time.

At least in a couple of companies this side of the pond, they are testing the end users. I'll be pointing a couple of folks at this.

I've been around long enough that I happen to know far too many folks in my current employer. Last campaign on this front I got a call from the SDir for security - I was the 1st to file the mail as a phishing attempt and one of only 6 in the company to handle it properly. (it might have had something to do with the fact that I was up at 3:30 am on a change)

I had to have a discussion with several of the folks I work with about *how* to handle crap like that. So -- even IT aware people can blow it.

As a sysadmin with command and control access to *far* too many pieces of hardware I'll point out that in my books, if you've opened a web URI from one of these emails, you need to be fired. End of line. I don't leave passwords lying around on *any* disk unless those are in an encrypted form, but the risks of getting hit with a keylogger, dataslurp, or in fact ANY virus are so substantial in the sysadmin case that I have no sympathies for someone on that front.

Its also why I try very hard not to use my windows VM for anything I don't *utterly* need to use it for.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019