[shados]

That's so true. Our IT dep runs "fake" fishing attacks regularly and last time they did it I totally got caught.

They happened to send a fake error report email (which had all of the "red flags" you should catch before clicking a link in an email) on the day I started an oncall rotation that had me receive similar emails. I was wary of missing one, so when I saw it coming, :click:.

I was greeted with a nice message to educate me about what I had just done and how to avoid it. I knew all of this of course (Ive worked in security!), but it just shows how no one is foolproof.

[lhuser123]

If it’s that easy to fool a trained professional, imagine the rest of the people out there. I sometimes which never have learned about this stuff. It’s difficult to watch so many people clicking on fake pages or potentially dangerous links because they can’t (or care to) differentiate between ads and google results. Maybe I’m wrong but I think it should be regulated.