ponzicar
Mar 17, 2008

Combat Pretzel posted:

A service from some company called KnowBe4.

Set up an Outlook rule where anything with knowbe4 in the headers is sent to its own special folder.

Combat Pretzel
Jun 23, 2004

No, seriously... what kurds?!
At work we're using Notes. :barf:

chin up everything sucks
Jan 29, 2012

KnowBe4 lets you set difficulty levels in the emails that go out, from "if you clicked this we have a REAL problem with your trust and lack of critical thinking skills" to "This is a 100% clone of a real email you would get, with the links swapped".

If your company is lazy, it just sends everything. It also might just send everything if it's trying to get a baseline on what level of security knowledge people have.

ponzicar
Mar 17, 2008
My current job uses the same company, although they push out a phishing report button to Outlook that we're supposed to use. The first time I saw one of their phishing tests, I started asking the security team how something so obviously fake and spoofed got through our spam filters.

I can understand having an occasional test to remind the more technologically innocent employees, but if they go overboard with it, it's a huge annoyance.

xzzy
Mar 5, 2009

At my org every email goes through proofpoint so all external urls get garbled. The only exception to this is the phish tests.

It's a stupid system but to be fair anyone that falls for those probably really needs the training.

Sirotan
Oct 17, 2006

Sirotan is a seal.


ponzicar posted:

My current job uses the same company, although they push out a phishing report button to Outlook that we're supposed to use. The first time I saw one of their phishing tests, I started asking the security team how something so obviously fake and spoofed got through our spam filters.

I ran one of these two jobs ago and said the same thing, and then 29% of the company clicked it. Mostly the C-levels and finance people.

Combat Pretzel
Jun 23, 2004

No, seriously... what kurds?!

Sirotan posted:

I ran one of these two jobs ago and said the same thing, and then 29% of the company clicked it. Mostly the C-levels and finance people.

KnowBe4 cites a similar stat like this on their website, and I thought it was just some marketing spiel. I guess not.

teethgrinder
Oct 9, 2002

I'd be more mindful of false positives in KnowBe4 ... like apparently using the Gmail native "report phishing" link effectively clicks the KnowBe4 link for you and results in a positive :rolleyes:

I'm pretty sure some mail client link previews cause the same issue.

Sirotan posted:

I ran one of these two jobs ago and said the same thing, and then 29% of the company clicked it. Mostly the C-levels and finance people.

This checks out. No one else uses email.

Sirotan
Oct 17, 2006

Sirotan is a seal.


Combat Pretzel posted:

KnowBe4 cites a similar stat like this on their website, and I thought it was just some marketing spiel. I guess not.

It was seriously the most obvious fake email ever. E-fax in a zip file. We did not have e-faxing capability at all at the time. Spelling and grammar mistakes. Weird formatting. You could spot it a mile away!! "Can't we try something a bit less obvious?", I asked their salesperson, and they assured me that this was a good place to start. It was shocking.

Best part was, it was a pre-sales demo and then we didn't get approval to buy the training, lol

chin up everything sucks
Jan 29, 2012

Sirotan posted:

It was seriously the most obvious fake email ever. E-fax in a zip file. We did not have e-faxing capability at all at the time. Spelling and grammar mistakes. Weird formatting. You could spot it a mile away!! "Can't we try something a bit less obvious?", I asked their salesperson, and they assured me that this was a good place to start. It was shocking.

Best part was, it was a pre-sales demo and then we didn't get approval to buy the training, lol

I mean, yes, you start with the most obvious stuff to see who clicks. That tells you how big of a training problem you have. If nobody needs immediate intensive intervention training, you bump things up to slightly less obvious and repeat. After you figure out a baseline of how dumb the user base is, THEN you figure out a general training plan and a long term testing plan.

Yes people hate it when they get emails that are obviously phishing from the test system. So you give kudos when they report it right, and go "x% of users fail this one. Thank you for being intelligent".

justcallhimdragon
Aug 23, 2023

Sirotan posted:

I ran one of these two jobs ago and said the same thing, and then 29% of the company clicked it. Mostly the C-levels and finance people.

I read a study that had some "great" stats: after 1 year of constant reminders and training, 3% STILL click on the links.

I understood why Level 2 STIG hardening guides kill all hyperlinks and convert HTML to plaintext that day. Seemed extreme at first.

The Fool
Oct 16, 2003


phishing tests and training don't actually accomplish any real level of security posture improvement

Do the bare minimum that your insurance lets you do and invest your time in initiatives to minimize/eliminate the impact of when someone falls for one for real.

Reoxygenation
Dec 8, 2010

if wishes were fishes fuck you this is my pie
It really sucks because no matter what you do too people will fall for that poo poo. Routinely have people at work clicking stuff they shouldn't.

Increase how much stuff gets filtered? Then you get a bunch of emails that are legitimate but get filtered because people are apes that don't know how to write a proper email.

MF_James
May 8, 2008
I CANNOT HANDLE BEING CALLED OUT ON MY DUMBASS OPINIONS ABOUT ANTI-VIRUS AND SECURITY. I REALLY LIKE TO THINK THAT I KNOW THINGS HERE

INSTEAD I AM GOING TO WHINE ABOUT IT IN OTHER THREADS SO MY OPINION CAN FEEL VALIDATED IN AN ECHO CHAMBER I LIKE

honestly I'd rather filter good emails than let bad poo poo through. Folks will (eventually) notice they missed an email; make it a T1 problem, or as low as you can. It only takes users being lazy and clicking random poo poo once to gently caress over your environment.

xzzy
Mar 5, 2009

I'd rather we as a society agreed to delete email completely. It provides no valuable service anymore.

Arquinsiel
Jun 1, 2006

"There is no such thing as society. There are individual men and women, and there are families. And no government can do anything except through people, and people must look to themselves first."

God Bless Margaret Thatcher
God Bless England
RIP My Iron Lady

chin up everything sucks posted:

Yes people hate it when they get emails that are obviously phishing from the test system. So you give kudos when they report it right, and go "x% of users fail this one. Thank you for being intelligent".

This is the actual benefit of these things. Getting people used to talking to security when poo poo feels wrong.

KillHour
Oct 28, 2007


xzzy posted:

I'd rather we as a society agreed to delete email completely. It provides no valuable service anymore.

The alternative is either my customers calling me directly or forcing me to be on their VPN 24/7 so they can slack me or whatever. gently caress that send me emails.

Reoxygenation
Dec 8, 2010

if wishes were fishes fuck you this is my pie
Emails are bad (no one reads them or does anything in response) but they are also good (I can do the same as them)

CPColin
Sep 9, 2003

Big ol' smile.
I saw an obvious phishing email once that was like "Submit your resume! Up to $100 a day!" and rolled my eyes at it. A week later, a ticket comes in...

klosterdev
Oct 10, 2006

Na na na na na na na na Batman!
Emails are for messages long enough that sending it over Teams would be obnoxious.

teethgrinder
Oct 9, 2002

klosterdev posted:

Emails are for messages long enough that sending it over Teams would be obnoxious.

tl;dr

Arquinsiel
Jun 1, 2006

"There is no such thing as society. There are individual men and women, and there are families. And no government can do anything except through people, and people must look to themselves first."

God Bless Margaret Thatcher
God Bless England
RIP My Iron Lady

klosterdev posted:

Emails are for messages long enough that sending it over Teams would be obnoxious.

Email is for CYOA.

ChickenOfTomorrow
Nov 11, 2012

god damn it, you've got to be kind

per my last message,

Arquinsiel posted:

Email is for CYOA.

CPColin
Sep 9, 2003

Big ol' smile.
My boss recently dropped an "as discussed above" and, seeing as I was the one who discussed it above, this was essentially a "per your last email" and I almost smashed my computer in aggravation

KillHour
Oct 28, 2007


CPColin posted:

My boss recently dropped an "as discussed above" and, seeing as I was the one who discussed it above, this was essentially a "per your last email" and I almost smashed my computer in aggravation

Well, were you wrong, as per your last email?

Arquinsiel
Jun 1, 2006

"There is no such thing as society. There are individual men and women, and there are families. And no government can do anything except through people, and people must look to themselves first."

God Bless Margaret Thatcher
God Bless England
RIP My Iron Lady
Why else would one rage?

CPColin
Sep 9, 2003

Big ol' smile.

KillHour posted:

Well, were you wrong, as per your last email?

Depends on whom you ask. I deployed a feature to a small subset of users and upper management woke up from their nap all cranky because I was "changing business processes" without including them in the loop. Nevermind that they've been out of this particular loop for years. I told my immediate boss I'd gotten permission from Payroll and there were no plans to roll the feature out further. Upper management decided they didn't actually care after all and left it to my boss to decide whether to roll it back or not. My boss deliberated for a few days before descending from on high to announce that the feature would stay deployed and "as discussed above, there are no current plans to roll the feature out further."

So I went for a walk.

Reoxygenation
Dec 8, 2010

if wishes were fishes fuck you this is my pie
I am laughing at that whole situation because man it really does always circle back to emails. And the (lack of) quality thereof.

CPColin
Sep 9, 2003

Big ol' smile.
I forgot to mention that the person in Payroll who gave me permission was included in the email thread when upper management threw its hissy-fit and didn't reply. Pro strat.

KillHour
Oct 28, 2007


It sounds like your manager just deferred to you then, except they did it in the most manager way possible.

tactlessbastard
Feb 4, 2001

Godspeed, post
Fun Shoe
I've got a guy about to quit or get fired due to attendance, and a suitable replacement is stamping his feet ready to go, and my boss won't let me hire him now instead of when the inevitable happens, because 'you already have a trained forklift driver, why would you want to hire an untrained one'

Sigh

guppy
Sep 21, 2004

sting like a byob
A trend I've noticed in the last couple years is tech vendor spam where they email you from slightly different domains (.com, .io, etc.). I have to assume this is because they're aware that people are blocking them for sending spam. If you already understand that no one wants your emails, why do you think they are going to want to do business with you after you actively evade their attempts to stop hearing from you?

Throw all marketing people into the sea.
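The sibling-domain pattern guppy describes (the same sender label showing up under .com, .io and so on once one domain gets blocked) is easy to catch at the mail gateway if you key the block on the registrable label rather than the full domain. The following is an added example, not code from the thread or from any vendor: it pulls the From and Reply-To domains out of a handful of constructed messages, collapses each domain to the label left of its public suffix, and flags any label seen across two or more distinct domains. The public-suffix handling is a deliberate simplification (a small hard-coded set of two-level suffixes); a production filter would consult the full Public Suffix List.

```python
"""Group mail senders by registrable label to catch sibling-domain spam.

Added example, not from the forum thread. The messages, domains and the
suffix table below are constructed for illustration.
"""
from email import message_from_string
from email.utils import parseaddr

# Simplified stand-in for the Public Suffix List (assumption: a real
# deployment would load the full list instead of this short set).
_MULTI_LABEL_SUFFIXES = {"co.uk", "org.uk", "com.au", "co.jp", "com.br"}


def registrable_label(domain: str) -> str:
    """Return the label immediately left of the public suffix, lower-cased.

    examplevendor.com, mail.examplevendor.io and examplevendor.co.uk all
    collapse to "examplevendor".
    """
    parts = [p for p in domain.lower().strip(".").split(".") if p]
    if not parts:
        return ""
    if len(parts) >= 3 and ".".join(parts[-2:]) in _MULTI_LABEL_SUFFIXES:
        return parts[-3]
    if len(parts) >= 2:
        return parts[-2]
    return parts[0]


def sender_domains(raw_message: str) -> set[str]:
    """Collect the domains used in the From and Reply-To headers."""
    msg = message_from_string(raw_message)
    domains = set()
    for header in ("From", "Reply-To"):
        _, addr = parseaddr(msg.get(header, ""))
        if "@" in addr:
            domains.add(addr.rsplit("@", 1)[1].lower())
    return domains


def sibling_domain_report(raw_messages: list[str]) -> dict[str, set[str]]:
    """Map each registrable label to every distinct domain it was seen under."""
    report: dict[str, set[str]] = {}
    for raw in raw_messages:
        for domain in sender_domains(raw):
            report.setdefault(registrable_label(domain), set()).add(domain)
    return report


def suspicious_labels(raw_messages: list[str], min_domains: int = 2) -> set[str]:
    """Labels that show up under at least `min_domains` different domains."""
    return {
        label
        for label, domains in sibling_domain_report(raw_messages).items()
        if len(domains) >= min_domains
    }


def is_blocked_sender(raw_message: str, blocked_labels: set[str]) -> bool:
    """Block on the registrable label so a TLD swap does not evade the rule."""
    return any(
        registrable_label(d) in blocked_labels for d in sender_domains(raw_message)
    )


# Constructed sample messages (minimal RFC 5322 headers plus a body).
SAMPLE_MESSAGES = [
    'From: "Sales" <sales@examplevendor.com>\nSubject: Quick question\n\nHi there\n',
    "From: <growth@examplevendor.io>\nSubject: Re: Quick question\n\nBumping this\n",
    "From: <team@mail.examplevendor.co.uk>\nReply-To: <book@examplevendor.io>\n"
    "Subject: Last try\n\nStill interested?\n",
    "From: <alerts@internal-it.example>\nSubject: Patch window\n\nSaturday 02:00\n",
]

if __name__ == "__main__":
    for label, domains in sorted(sibling_domain_report(SAMPLE_MESSAGES).items()):
        print(f"{label}: {sorted(domains)}")
    print("suspicious:", sorted(suspicious_labels(SAMPLE_MESSAGES)))
```

Once a label lands in the blocked set, `is_blocked_sender` rejects the next message from examplevendor.net just as it would from examplevendor.com; the report function is the part worth scheduling over a day's mail log, since it surfaces the rotation pattern before anyone has bothered to write a rule.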

Devor
Nov 30, 2004
Lurking more.

CPColin posted:

I forgot to mention that the person in Payroll who gave me permission was included in the email thread when upper management threw its hissy-fit and didn't reply. Pro strat.

He probably got a separate tongue-lashing for approving something that he didn't have the right to approve without consulting the oracles

Reoxygenation
Dec 8, 2010

if wishes were fishes fuck you this is my pie

guppy posted:

A trend I've noticed in the last couple years is tech vendor spam where they email you from slightly different domains (.com, .io, etc.). I have to assume this is because they're aware that people are blocking them for sending spam. If you already understand that no one wants your emails, why do you think they are going to want to do business with you after you actively evade their attempts to stop hearing from you?

Throw all marketing people into the sea.

If you keep throwing poo poo at the wall surely eventually some of it will stick, is what I assume the logic is here

xzzy
Mar 5, 2009

It makes some sense, email is pretty much free to send and even a 1% response rate is considered good.

Everyone that does mass mailing is still a horrible scumbag but if it didn't work they wouldn't do it.

Polio Vax Scene
Apr 5, 2009



Just got my first instance of a ticket where the entire content of the ticket was AI generated, by the creator's own admission

Reoxygenation
Dec 8, 2010

if wishes were fishes fuck you this is my pie
I... why? I can't ask you to share the information obviously, but can you give a tl;dr? I gotta know what the gently caress it was about and why they thought using AI was a good idea.

Polio Vax Scene
Apr 5, 2009



tl;dr:
1. CEO of company a half a year back started pushing hard on encouraging use of AI based solutions anywhere we can
2. Everyone starts using ChatGPT for things like assisting in writing responses to support cases, summarizing consulting documents, adding blog posts to our website, etc.
3. This particular individual wants an AI tool that generates some text based on data in the system but doesn't know how to articulate it, so throws what they want into ChatGPT and copy and pastes the response into the ticket description

My favorite part is that the ticket is written by AI...about adding an AI component to our product

Reoxygenation
Dec 8, 2010

if wishes were fishes fuck you this is my pie
Losing my mind.

How long until everything crumbles by your estimations?

MiniFoo
Dec 25, 2006

METHAMPHETAMINE

Polio Vax Scene posted:

tl;dr:
1. CEO of company a half a year back started pushing hard on encouraging use of AI based solutions anywhere we can
2. Everyone starts using ChatGPT for things like assisting in writing responses to support cases, summarizing consulting documents, adding blog posts to our website, etc.
3. This particular individual wants an AI tool that generates some text based on data in the system but doesn't know how to articulate it, so throws what they want into ChatGPT and copy and pastes the response into the ticket description

My favorite part is that the ticket is written by AI...about adding an AI component to our product

:sever:
