| ▲ | apple1417 3 days ago | |
I once got a "log into phishing training" email which spoofed the company address. No one even saw the email, it instantly hit the spam filter. Our infra guy then had to argue with them for quite a while to just email from their own domain, and that no, we're weren't going to add their cert to our DNS, and let a third party spoof us (or however that works, idk). Absolutely shocking lack of self awareness. | ||
| ▲ | darthwalsh 2 days ago | parent [-] | |
When they send out the phishing-simulation email campaign from the "compromised insider account" it's going to fool a lot more people! | ||