J Wolfgang GoerlichInfoSec:
"Never ever click on emails, all emails are malware."
Also InfoSec:
"Check out this new security feature which provides passwordless login right from an email link."
🍔⌨️ IS @ GRRCON 🥳@jwgoerlich Click all the things! Click some of the things!!!
Jeff GriggInfoSec:
Mandatory Training: "Report all unexpected emails that pressure you with a sense of urgency. Do not click their links!"
Also InfoSec:
"Mandatory Training! You must take the training at this link, with your corporate login ID and password by this short deadline, OR ELSE!!!"
Me:
<< Reports phishing. >>
InfoSec:
"Seriously Jeff! That is Real Mandatory Training! You are really required to do it! What is wrong with you?!?"
Me:
How could I know the difference? 🤷
Tim Lavoie@JeffGrigg @jwgoerlich The urge to do this, from within one of a number of infosec teams, is very strong. Sadly, I took the mature path, and asked my manager. This time.
nyanbinary@JeffGrigg @jwgoerlich ok, thats fine, fuck "security awareness trainings". but if you report the response to the report I'll get pissy. 
Chantaru@JeffGrigg @jwgoerlich at my job, every time their are planning to send surveys or anything with links to be clicked, we get like 2 emails from the ceo or legal to tell us to expect it and it gets posted about on the intranet. Sometimes it even gets mentionned in a townhall. We also get so many fake phishing traps.
SpaceLifeFormI do not check emails. Can not get phished this way.
@SpaceLifeForm pro tip, that!
jkdelauney@jwgoerlich I hate that shit. I have entries in my password manager that now only serve to remind me what email I signed up with as I never get the option to enter my password anymore. These accounts almost always have no ability to change the email address either, so if I retire that address I just loose the account.
I’m looking at you, Wendys.
txt.file@jwgoerlich InfoSec: Don't click links in emails.
Many Webservices: Please click the link in the email we send you to verify your login.
scholar_farmer@jwgoerlich @txt_file ahhh but very cleverly the firewall filters out the verification logins, particularly if they are real…
(As a human user, I do in fact know that I am waiting for a six digit code to continue accessing my chosen portal)