|
|
|
|
|
|
by subscribed
31 days ago
|
|
|
In my company I regularly see genuine, legitimate emails that carry several huge red flags, like these conveyed to us on trainings. If I can plausibly claim I wasn't sure it was legit (ie it was sent from the outside form the sketchy looking host), I'd always report it internally as phishing attempt. Just to make the security work with it. |
|
|
I don't think I've worked anywhere yet that does 2FA, SSO, or even a vaguely usable system that doesn't look like it was made 30 years ago in these departments.
Which is extra troubling as these systems are the ones with the PII!