Everyone gets yearly mandatory training. And every time you open Outlook, you get a reminder to stay vigilant, with a fun cartoon from the graphics department that changes daily to keep people’s attention.
Last year someone in the upper half of the food chain fell for a phishing mail. We nuked his account and recreated it with “p.lastname” instead of the usual scheme “peter.lastname”.
He had to inform all his contacts about his new e-mail address and his colleagues called him P-Dot behind his back for a while.
After that, people got a lot more careful; it was better than any training.
God. I hope they got a very stern lecture from their superiors and mandatory retraining from their security team.
Also, their laptop should be wiped and rebuilt from opening a Word document from “some random OneDrive”.
Time to fire upper management
Well yeah, those with power have the power to not listen to the skilled people below them
As an IT professional, I would genuinely suggest blocking this individual from sending or receiving email from any non-business email domains.
No gmail, no yahoo, no zoho, no outlook, no protonmail, etc.