The phishing-emails-as-a-test emails were so frequent that I started flagging all emails from our company that had a link in them as phishing emails and let the IT staff tell me which ones were real. They didn't enjoy that so they stopped sending the phishing emails as often. They still send them though, from time to time.

I ended up creating my own browser extension for gmail that blocks clicking on any link unless the domain is whitelisted. Now if I click any link and it's not in the whitelist, it shows a popup that displays the domain name, and I can then choose to whitelist it and then it opens the link, or just keep blocking it. I haven't had to re-take any phishing compliance tests in a long time.

▲

venusenvy47 5 days ago | parent [-]

Aside from the test emails, many emails from contractors that our corporate IT works with have the appearance of phishing. I'm not shy about reporting any of these. Most of the time they say "that's a real email". I like to educate them that their contractors are sending poorly-crafted emails to the whole company.

	▲	leptons 5 days ago \| parent [-]
		The last straw for me was when I received an email "from my boss" telling me of my holiday bonus with a link to click. Well I knew that was a phishing-test email right away because that cheap bastard has never given me a holiday bonus, not even once in the 10 years I've worked there. Some nerve sending out a phishing-test disguised as a bonus, fucking pour some salt into the wound why don't they.