Got an email from our Digital Team Web Marketing today. They should be expert on this email malarky thing, and know about phishing emails?
No. Email sent to 500 people visible in the To: line, no name in the email, and threatening to take down our web profile soon.
"Reply before 1 Nov or we start removing profiles", the usual way of forcing people to reply, bog standard in phishing emails. But no, it was a real email, everything checks out. (1/n)
I let them have it Dutch style. I told them how unprofessional this was.
- use the Bcc line
- don't put everyone's name visible
- don't use threats about shutting something down
- HR should be able to tell them whether someone still works at the organisation (OK, that may be asking too much)
Of course somebody already did reply-to-all.
(toying with the idea to report them to IT and recommend they all have to redo the IT training about email etiquette and recognising phishing emails)
dutchscientist