Dan
Andrewapparently i passed a phishing awareness test last week by correctly ignoring a fake linkedin email
nobody tell my boss that i ignored it entirely on the assumption that it was a real linkedin email
Ursidinoj/The Bjornsdottirs@ellenor2000 I mean, if I'd opened it it'd have been perfectly clear it was fake, I just trashed it based on the subject line, I never even asked myself if it was real.
it's like if someone tried to sneak into my house by pretending to be a vacuum salesperson, I don't care if you're real, you're not coming in
Panegyr 
@andrewt I’m still of the opinion that those false phishing emails that IT departments send out are almost completely pointless. The emails about security training I find often look way more like real phishing emails than the emulated attacks.
@panegyr apparently we're getting one of them soon, half a mind to report it as a phishing email
Schrödinger's Prat
Cassandrich@Rhodium103 @panegyr @andrewt "This email purporting to be from IT with really bad grammar and poor security hygiene is trying to get me to click on a suspicious link claiming it's a mandatory security training"
Chris Northwood
Random Geek in limbo
Jolle Carlestam@panegyr @andrewt I have a total of 4 emails in my corporate spam folder that were all put there by the service itself. They are all sent from my company’s security department. They all have the same header, and I assume the same content since I haven’t read them. They are from different time periods. The header reminds me that I need to do the mandatory class regarding email security. Am I going to read them? Duck no! Will I do the class? Sure, if the request does not end up as spam first
I crafted an email filter at my previous employer that searched the raw header for the string “knowbe4” and filtered it to spam, this successfully killed off any emulated phishing attacks and also reminders to do security training, which sends one once a week with a continuously rising number of days lmao
ninkosan@andrewt I have an outlook rule that auto-deletes them based on the extra header they insert. Will be dropping that one in the company slack at the end of my notice period I think 🙂
Local Dad, Ben Hamill@andrewt I used to work with a guy who liked to say, "Can't get phished if I don't read my email!"
@benhamill @andrewt I prefer "can't get phished if you don't know any passwords".
fake login page: enter your password
me: send password reminder
fake login page: shit, er... maybe an ex partner?
Angus McIntyre@andrewt A company I worked for hired consultants to send us periodic phishing emails. The emails were sent from assorted domains that were all registered to the consulting company.
Back in the day, WHOIS data was public, so after the first email, I simply looked up all their domains and configured my mail client to flag any mail from those domains with a special label.
This was probably contrary to the spirit of the security awareness program, but I like to think it demonstrated initiative.
I love this, so I@angusm @andrewt @SuperMoosie lol they still do dumb stuff like that, our current pack of idiots include a X-header that mentions their company name phishing test, so I filter on that, unpack the mangled link courtesy of URLdefense, and “click” the link once per minute for a week straight
PatriciaMaskell@andrewt I got into trouble for twice ignoring an email inviting me to complete a questionnaire about phishing awareness on the basis that I thought it was a phishing exercise I instructed the staff that I line managed to also ignore it. We were the only team that didn't complete it
@PatriciaLewis the tool they are training us to use accidentally got rolled out too early so the first I heard if it was when my computer popped up a screen for no apparent reason saying "do you want to grant PhishHook access to your Google account" so now I haven't got the chrome extension installed and I don't think this is a me problem
Vio
kelce@andrewt My methods to not falling for phishing is ignoring all my emails and waiting for the "We haven't gotten your response" email from my manager herself. Highly efficient.
@kelce oh by far the most common phish we get is someone pretending to be the CEO and saying she needs us to text her on some unfamiliar number urgently
Lawrence@andrewt I play it safe at work, and ignore ALL emails
@andrewt I don't much care for phishing tests; I don't feel that the truly train users on telling the difference between real and fake links.
@cambridgeport90 I think if I click on every single one of their fake phishing links and no real phishing links I should unlock a bonus stage
@andrewt Haha. That would be funny...if companies would actually start using gamification features in their training, I think people would both want to do it,and they would learn more.
Matthias Liffers@andrewt My own place of work did a similar test. I only clicked the link and provided (fake) credentials after I discovered from colleagues that it was a test. Still waiting to hear from the IT department about my failure.
Paul Cantrell
Belle (she/her)
Kevin Karhan 
@andrewt personally I find those fake phising messages by providers like #SoSafe annoying, as I treat any attempt of information extraction and intrusion equally serious.
I wrote them a pissed-off mail once and told them to stop insulting my intellect and wasting my time, cuz if it wasn't obvious they got paid for that shit I wpuld've pulled everything I legally can to 'burn' their entire ASN, IP allocations and domains as #spammers...
gram
GrumpSec Spottycat@andrewt <old job> used to use phishme, who put phishme headers in the phishing awareness test emails, so I just made an outlook rule to mark them "phishing test" based on the headers XD
Polychrome 
@andrewt
👨💼 "Good job ignoring that fake Facebook notification email."
*does not have Facebook* "Thanks."
👨💼 "Good job ignoring that fake Facebook notification email."
*does not have Facebook* "Thanks."
moved to => @
Hugh (he/him) 
LoL
:) <- me giving up trying to find a smiley face emoji.
enmodo ⚛️ 🧬 🇺🇦 🍉@andrewt I pass these tests just by not reading my email. That's remarkably easy now that 95% of all communications are done by company Slack now.
@enmodo yeah, we let very few phishers into the company slack, it works great
DSBeansIs there such a thing as a real linkedin email?
@dsbeans well, I mean there's "someone trying to get your details through trickery" as opposed to "linkedin in particular trying to get your details through trickery"
MeKobi@andrewt Congratulate yourself!