Ship attacked by Iran after possibly falling for safe passage crypto scam.

  • Pommes_für_dein_Balg@feddit.org · 17 points · 2 days ago (edited)

    Our Head of Accounting got an e-mail to his private mail address with just a link to a Word document on some random OneDrive.
    It contained an invoice over $4000 for “AI services”, payable via money transfer.

    He sent it to the accounting department and told them to pay it.
    Luckily, one of the accountants actually had a brain, and she forwarded it to IT.

    • quick_snail@feddit.nl · 9 points · 2 days ago (edited)

      God. I hope they got a very stern lecture from their superiors and mandatory retraining from their security team.

      Also, their laptop should be wiped and rebuilt after opening a Word document from “some random OneDrive”.

      • foggy@lemmy.world · 4 points · 2 days ago

        As an IT professional, I would genuinely suggest blocking this individual from sending or receiving email from any non-business email domains.

        No gmail, no yahoo, no zoho, no outlook, no protonmail, etc.

      • Pommes_für_dein_Balg@feddit.org · 8 points · 2 days ago (edited)

        Everyone gets yearly mandatory training. And every time you open Outlook, you get a reminder to stay vigilant, with a fun cartoon from the graphics department that changes daily to keep people’s attention.

        Last year someone in the upper half of the food chain fell for a phishing mail. We nuked his account and recreated it with “p.lastname” instead of the usual scheme “peter.lastname”.
        He had to inform all his contacts about his new e-mail address, and his coworkers called him pee-dot behind his back for a while.
        After that, people got a lot more careful; it was better than any training.

        But somehow, it’s usually upper management that’ll call the IT lead and demand to unblock a website RIGHT NOW because they need it, and when you check it out, it’s a phishing link.