LeafMay 26
i clicked the link in the phishing test email and they're going to punish me now. fuck.
Show threadCaptain PackratMay 26

@leaf I discovered that the last place I worked at put a secret header into their phishing test emails so that it could bypass their filters. I think it was X-PhishTest or something like that. Anyone who actually bothered to look at the headers could find it (which meant 99.9% of users would never see it).

So I just made my own rule in Outlook to automatically mark the messages with that header.

Show threadAsaril

@captpackrat @leaf ah, another fellow header-inspector  
I have done the same, auto marking them so I can just click report.

Also at least for their eu. training domain, they are using the same certificate as for their fake phising target sites, so you get a nice list to filter from that as well.

May 27 at 2:16amWeb
Show threadLeafMay 27
@asaril @captpackrat Great tip! I see X-PHISHTEST and X-PHISH-CRID in the headers. Setting up outlook filter now :)