this post was submitted on 21 Oct 2025
168 points (97.7% liked)

Cybersecurity - Memes

3527 readers
16 users here now

Only the hottest memes in Cybersecurity

founded 2 years ago
MODERATORS
Sam1232188@lemmy.world
neurohost@lemmy.world
Sam1232188@lemmy.fmhy.ml
Alphadef@programming.dev
CannaVet@lemmy.world
168
Security awareness (infosec.pub)
submitted 2 weeks ago by cron@feddit.org to c/cybersecuritymemes@lemmy.world
23 comments fedilink hide all child comments
 

Sometimes I wonder whether all this "security awareness training" has any effect at all.

you are viewing a single comment's thread
view the rest of the comments
[–] IcedRaktajino@startrek.website 13 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

Yep.

Most of them are phishing test emails (where the org sends out fake "phishing" emails which have a UUID link tied to your email address) so they KNOW who clicks on these and who reports them. Until I stopped giving a fuck, I had reported 100% of them and clicked on 0. But since that doesn't let you "test out" of the 45 minute quarterly security awareness training, I stopped wasting my time and just delete them

[–] Windex007@lemmy.world 5 points 2 weeks ago (1 children)

About 9 years ago I wrote a script that looked for links to domains registered to wombat (the company that most companies seem to use for phishing simulation) and would autoreport and delete them. So just never saw them.

Still had to do the training. Every six months.

[–] Nasan@sopuli.xyz 2 points 2 weeks ago

One of my former managers had this habit of setting up email rules for known phishing simulation domains whenever he started somewhere new.

Microsoft domains listed in a table here for anyone else unfortunate enough to have to use their products within your org.