They do this at my work. I simply report every external email I get as a phishing attempt.
As a result, I’ve caught all the fake phishing emails sent by our IT department, at the minor cost of them having to clear 50+ legit emails per day. My coworkers have been quite appreciative of my tactics against phishing, and have started to adopt my methods.
Strangely enough, the number of phishing tests IT has sent out has dramatically decreased since I was initially hired.
Eh, the system that gives you the sticker is automated, and the system that tracks flagged emails is mostly ignored. If reporting everything makes you feel better, please continue to do so.
Depends on how it’s configured. I had one job where the “report phishing” button would generate a ticket so that we could review and block new bad actors and bad domains
I wish the company I worked for had some system like that. I know they have a system for quarantining suspicious emails because every once and a while it’ll flag and quarantine something. But almost everything sails right through. You’d think the cybersecurity department would put more effort into one of their first lines of defense, but instead it’s more fake phishing emails.
They do this at my work. I simply report every external email I get as a phishing attempt.
As a result, I’ve caught all the fake phishing emails sent by our IT department, at the minor cost of them having to clear 50+ legit emails per day. My coworkers have been quite appreciative of my tactics against phishing, and have started to adopt my methods.
Strangely enough, the number of phishing tests IT has sent out has dramatically decreased since I was initially hired.
Acting in bad faith and objectively generate an avoidable workload for colleagues would be a legit reason to get fired where I live
Eh, the system that gives you the sticker is automated, and the system that tracks flagged emails is mostly ignored. If reporting everything makes you feel better, please continue to do so.
Depends on how it’s configured. I had one job where the “report phishing” button would generate a ticket so that we could review and block new bad actors and bad domains
I wish the company I worked for had some system like that. I know they have a system for quarantining suspicious emails because every once and a while it’ll flag and quarantine something. But almost everything sails right through. You’d think the cybersecurity department would put more effort into one of their first lines of defense, but instead it’s more fake phishing emails.