Hacker News new | ask | show | jobs
by joaopbnogueira 423 days ago
We don't even have any sort of login on our main page, the redirects we have are mostly around apex domain to www.25friday.com, http to https and the likes.... This is a pure company landing page with the typical business description, career application page, articles etc.

We do have subdomains for internal tools of course, but those should not even be publicly accessible (behind an auth proxy).
1 comments
tatersolid 423 days ago
Outlook also recently changed the default “report message” action in the UI to be “report phishing/malware” instead of “report spam”. This was a terrible design choice; phishing reports from my org’s own user base has increased 4x since the change which is a lot of false positives.

So maybe folks mean to “report spam” on your emails but “report phishing” instead…

link
joaopbnogueira 423 days ago
Could be the reason, but even so, we have really low volume campaigns and mostly to people we actually interact / have a history with. I would assume it would take more than a few accidental hits to trigger this issue.
link