|
Democratic Pirate posted:In honor of cybersecurity awareness month, we just got an email sign up for a phishing awareness campaign. You get prizes for reporting phishing emails and can redeem for small prizes. Was apparently legit.
|
# ? Sep 7, 2023 17:16 |
|
|
# ? Jun 10, 2024 10:33 |
|
Phishing sounds like a great investment.
|
# ? Sep 7, 2023 17:26 |
|
ThePopeOfFun posted:Phishing sounds like a great investment. That got me thinking you could probably get a high enough hit rate just sending invoices to accounts payable willy nilly but then I realized that’s probably a form of fraud as old as paper
|
# ? Sep 7, 2023 18:11 |
|
tactlessbastard posted:That got me thinking you could probably get a high enough hit rate just sending invoices to accounts payable willy nilly but then I realized that’s probably a form of fraud as old as paper Yeah. I remember back in the early 00's the place I worked would get those on their fax machine 2-3 times a week.
|
# ? Sep 7, 2023 18:13 |
|
The Fool posted:Yeah. I remember back in the early 00's the place I worked would get those on their fax machine 2-3 times a week. My company still does, the only difference is our "faxes" all operate through email and automatic PDF converters so they just go straight to spam unseen.
|
# ? Sep 7, 2023 18:18 |
|
tactlessbastard posted:That got me thinking you could probably get a high enough hit rate just sending invoices to accounts payable willy nilly but then I realized that’s probably a form of fraud as old as paper
|
# ? Sep 7, 2023 18:25 |
|
Our fax at a little startup in the early 00's would constantly be shooting out pages about cruises that someone had won lol They eventually just disabled incoming.
|
# ? Sep 7, 2023 18:26 |
|
I remember the telemarketing flavor of that scam started with a cruise ship horn blaring at 200% volume as soon as you answered the phone so you'd suddenly hear a muffled boat horn in another cube before someone cursing and slamming their phone down.
|
# ? Sep 7, 2023 18:33 |
|
SpartanIvy posted:I remember the telemarketing flavor of that scam started with a cruise ship horn blaring at 200% volume as soon as you answered the phone so you'd suddenly hear a muffled boat horn in another cube before someone cursing and slamming their phone down. Whoooah I memory holed this one. I can hear it clear as day now. Reminds me of when I worked phones next to a pathological liar. Dude would say the wildest poo poo. Good times.
|
# ? Sep 7, 2023 18:36 |
|
skipdogg posted:Working at a financial institution I have like 25-30 compliance training courses I have to take every year. Thankfully they started letting us test out of them. It's easier to just make everyone take it than have to "know who actually needs to take this" and "manage our employees" SpartanIvy posted:I remember the telemarketing flavor of that scam started with a cruise ship horn blaring at 200% volume as soon as you answered the phone so you'd suddenly hear a muffled boat horn in another cube before someone cursing and slamming their phone down. I remember this. gently caress this one. I'm just glad I haven't heard the car warranty spam lately.
|
# ? Sep 7, 2023 18:38 |
|
I kept getting emails from an outside company about how I won some award and I could claim my gift, and the whole thing screamed phishing attempt so I’d report and delete them. Except apparently they were legit and for our company recognition program. When I logged in I had like $300 in rewards that I thought were scam attempts.
|
# ? Sep 7, 2023 19:01 |
|
Google header on e-mail: Your companies policies have flagged this as NOT SPAM. (paraphrased) E-mail: Prizes, etc etc. Click the link. Web site: "THIS WAS A PHISHING ATTEMPT. YOU FELL FOR IT." Me: "But... you literally, intentionally flagged this as not spam in the system. Wtf."
|
# ? Sep 7, 2023 19:44 |
|
Sundae posted:Google header on e-mail: Your companies policies have flagged this as NOT SPAM. (paraphrased) Compromising an account that de-flags spam like that would be an excellent attack vector. Today you learned that nothing can be trusted, especially IT.
|
# ? Sep 7, 2023 19:50 |
|
I clicked this one. Subject: Cute Puppies! Body: “Puppies in the parking lot! Click to sign up for a time slot to pet them.” I learned to never hope for anything ever…as a defense against phishing, of course.
|
# ? Sep 7, 2023 20:03 |
|
Deadite posted:I kept getting emails from an outside company about how I won some award and I could claim my gift, and the whole thing screamed phishing attempt so I’d report and delete them. I vividly remember my boss's "Who hurt you?" Face as he confirmed the branded yeti mug was legit.
|
# ? Sep 7, 2023 20:08 |
|
Sundae posted:Google header on e-mail: Your companies policies have flagged this as NOT SPAM. (paraphrased) You have learned the most important lesson, never trust anyone, for any reason. Start flagging all of the IT mailing list nonsense as spam. Power shutdown over the weekend? Sure thing, comrade.
|
# ? Sep 7, 2023 20:09 |
|
My old boss sent an email with photos attached of his fishing trip over the weekend. You bet I reported that email for phishing
|
# ? Sep 7, 2023 20:31 |
|
ThePopeOfFun posted:I clicked this one. Reminded me of a story, a coworker at a previous job forwarded an email about puppies needing adoption and even then (2006 or so) it looked like an obvious phish attempt and sure enough it was on snopes or one of those sites. Anyway I mentioned that to my wife (live in gf at the time) and she goes “aw let’s get a dog!” And then we started looking at spca and adopted one not long after. He just passed away in 2021 after a long and happy life. So not all phishing has bad outcomes! RIP Yogi
|
# ? Sep 7, 2023 20:35 |
|
Volmarias posted:You have learned the most important lesson, never trust anyone, for any reason. Our IT department shamelessly phishes from the it@ourcompany.com address and I treat all emails from it@ourcompany.com with equal suspicion
|
# ? Sep 7, 2023 20:43 |
|
tactlessbastard posted:Our IT department shamelessly phishes from the it@ourcompany.com address and I treat all emails from it@ourcompany.com with equal suspicion
|
# ? Sep 7, 2023 20:50 |
|
Volmarias posted:It's easier to just make everyone take it than have to "know who actually needs to take this" and "manage our employees" This is 100% what it is. I don't work for the bank, as it's a separate entity under our larger structure, and have zero access to the actual financial systems. I don't deal with anything bank related at all. It's way easier though to just shotgun all this training out to everyone than to figure out who actually needs to take it and who probably doesn't. That's fine, they pretty much give us every friday afternoon off for continuing ed and training, so if they want to pay me to take these courses I'll take them.
|
# ? Sep 7, 2023 21:10 |
|
skipdogg posted:This is 100% what it is. I don't work for the bank, as it's a separate entity under our larger structure, and have zero access to the actual financial systems. I don't deal with anything bank related at all. It's way easier though to just shotgun all this training out to everyone than to figure out who actually needs to take it and who probably doesn't. That's fine, they pretty much give us every friday afternoon off for continuing ed and training, so if they want to pay me to take these courses I'll take them. I never actually got time off to do a training. I was just expected to do all the web based compliance stuff (in person training? on THIS budget???) for anything on my own time, gently caress whatever else needed to be worked on. Thanks for letting me know that the company has a specific team for handling
|
# ? Sep 7, 2023 22:09 |
|
Trapick posted:Yep - https://www.npr.org/2019/03/25/706715377/man-pleads-guilty-to-phishing-scheme-that-fleeced-facebook-google-of-100-million Imagine doing all your compliance training, stealing 100m dollars and then failing to disguise the source of funds when leaving the country despite being taughtbto do that smdh. tactlessbastard posted:Our IT department shamelessly phishes from the it@ourcompany.com address and I treat all emails from it@ourcompany.com with equal suspicion This sort of thing caused everyone to constantly report emails from IT sec as phishing but then got *worse* when the Comms department decided to use an external service for hosting newsletters so they actively encouraged you to click non-internal URLs.
|
# ? Sep 7, 2023 22:30 |
|
SpartanIvy posted:My old boss sent an email with photos attached of his fishing trip over the weekend. BOOOOOOOOOOO *HISSSSS*
|
# ? Sep 7, 2023 22:31 |
|
Powerful Two-Hander posted:Imagine doing all your compliance training, stealing 100m dollars and then failing to disguise the source of funds when leaving the country despite being taughtbto do that smdh. Yeah, sending phishing tests from "trusted" internal emails is actually a good idea on their part, because even if it's not being sent extremely, compromised accounts mean they could "legitimately" send it.
|
# ? Sep 7, 2023 22:35 |
|
Volmarias posted:Yeah, sending phishing tests from "trusted" internal emails is actually a good idea on their part, because even if it's not being sent extremely, compromised accounts mean they could "legitimately" send it.
|
# ? Sep 7, 2023 22:47 |
|
Interviewing at a start up, on-site hopefully next week. No it’s not software or in CA and isn’t “tech”, but engineering boss man kept asking me about start up culture a lot of times, so yes pretty sure I got it. Otherwise neat and interesting. How do I ask if they offer equity without sounding like a dumbass? And if they say yes, what question do I ask as a follow up.
|
# ? Sep 8, 2023 03:19 |
|
Tnuctip posted:Interviewing at a start up, on-site hopefully next week. No it’s not software or in CA and isn’t “tech”, but engineering boss man kept asking me about start up culture a lot of times, so yes pretty sure I got it. Otherwise neat and interesting. Wouldn’t equity be included in the comp package? That will come up if they want to offer it to you.
|
# ? Sep 8, 2023 03:53 |
|
Whatever equity numbers they give you are meaningless without the capitalization table and a deep understanding of startup financing. There are many ways to get screwed both accidentally (tax liabilities from private options vesting versus the hold period) and on purpose (next round of financing massively dilutes your shares). If they tell you “we are offering 10k shares per year” the smart move is to ask to see the full cap table and talk it through with a startup finance person. A more meaningful figure for them to offer is “3% of the company” because 10k shares without a denominator isn’t terribly useful. Also pay close attention to how it is granted - options, RSUs, etc because that has major implications for costs, taxes, and expiration dates.
|
# ? Sep 8, 2023 04:46 |
|
Very few founders will reveal their cap table to their actual employees much less someone interviewing. Asking how many shares there are total is fair gam.
|
# ? Sep 8, 2023 04:58 |
|
My general view is that any equity based on projected value or appreciation has $0.00 value. If I wouldn't take the job without it offered, I will not take it on account of its inclusion in the offer. I am more favorably-inclined toward RSUs at a publicly-traded company because they almost certainly have value in any circumstance where I still hold my job, but SARs, equity in a private company, etc, can gently caress right off. $0.00 present-value and near-term value for the purposes of the offer evaluation. Most of my bonus each year is in cash, but part is in a long-term incentive program. The LTIs are 80% RSUs and 20% S-SARs (only because they won't allow me to set it to 100% RSUs). The RSU portion looks great, because the company still exists and is fabulously profitable. The S-SARs, though? 428 units, 332 blocked (vesting), 96 available. Total value: $0.00. They will likely still be worth $0.00 when they expire. So there's my opinion, which nobody asked for. Now get off my lawn or something.
|
# ? Sep 8, 2023 05:25 |
|
Are you going to be asking about compensation in general? If so, it flows easily - you ask about base comp, insurance, PTO, bonus, equity, and any other benefits, and they tell you the answer. If you're not at the point of asking about compensation otherwise, I personally wouldn't bring it up. Also I agree with Sundae. I've got a tiny little stake in my PE held company, which was granted off cycle. When raise time came around, my boss pointed out that they had oh so generously granted me equity as a negotiating tactic. I basically replied that what I had could be worth <big dollar amount> or could be worth zero at the end of the day, so I didn't count it as compensation. What I did do is let it raise the amount of money it would take to get me to go somewhere else - if I would have left for a 20% bump before, maybe now it's minimum 40%. This put the issue to bed without pissing anyone off, we saved face, and it showed that I recognized the value of the relationship without letting them say "well, you have equity, so way less raise". Silly Newbie fucked around with this message at 05:30 on Sep 8, 2023 |
# ? Sep 8, 2023 05:26 |
|
Sundae posted:So there's my opinion, which nobody asked for. Now get off my lawn or something. Get out of my cubicle.
|
# ? Sep 8, 2023 06:17 |
|
~Coxy posted:Get out of my cubicle. But I don't have one of my own.
|
# ? Sep 8, 2023 08:48 |
|
Jesus Christ how is it possible to generate so much drama between just three people? This week's is that A doesn't want to do some monthly validation that happens late in the day, this is understandable to an extent (and actually I don't think should be coming to the team at all but that's a different thing), but they've handled it so incredibly badly that they've pissed B off because B has been doing it all. B also filled in the blanks from what A told me which made it fairly clear that A was at best not giving the whole picture, and at worst actively lying about it. On top of that A sent a very unprofessional email about this to their local manager who sent it to me when we caught up and gave a massive sigh and pretty much said "why can't people just act like adults?". Now A wants a desk move away from B to sit near C, B and C hate each other so honestly I think the best solution would be to put all three in a room and let them fight it out. Bonus round: For RTO, A might have been badging in to appear as present and then immediately leaving to such an extreme extent that someone else in another team flagged it. E: this is like the "you must cross a river and get the wolf, the sheep and the cabbage across but you can only take two at a time" puzzle.
|
# ? Sep 8, 2023 09:06 |
|
Whenever I start to question whether management ever does anything useful, I think of situations like that and remain thankful that they're not my problem.
|
# ? Sep 8, 2023 10:31 |
|
Powerful Two-Hander posted:Jesus Christ how is it possible to generate so much drama between just three people? What a vivid story it’s almost like I’m there
|
# ? Sep 8, 2023 11:31 |
|
Powerful Two-Hander posted:Bonus round: For RTO, A might have been badging in to appear as present and then immediately leaving to such an extreme extent that someone else in another team flagged it. Nothing wrong with this, management gets its RTO stats and the worker gets to work from home. It’s win win. I say put the complainers on a PIP. I do the badge swipe and go home thing some days, and other days I just spend all day in the little huddle room that has a one-hour time limit. I know people here don’t like it but they have no idea who I am or who I report to so they can do nothing to stop me. It’s a perk of having my entire team and management in other states.
|
# ? Sep 8, 2023 11:38 |
|
Deadite posted:Nothing wrong with this, management gets its RTO stats and the worker gets to work from home. It’s win win. I say put the complainers on a PIP. I did write "(narc)" in my notes, but I can only assume that whatever is going on must be pretty extreme for someone to actually do this.
|
# ? Sep 8, 2023 12:15 |
|
|
# ? Jun 10, 2024 10:33 |
|
Sounds like line managers are not line-managing.
|
# ? Sep 8, 2023 13:00 |