    Rabbit (ra6bit@infosec.exchange)'s status on Thursday, 10-Apr-2025 22:49:36 JST

    The "phishing training" industry and practice has lost the plot. You'd be far better off building your security program around the idea that sometimes users get phished than to invest the same money to constantly harass them with phishes that don't even reflect what actual phishes look like.

    We’ve created a type of control which can be bypassed by spelling things correctly, since we've trained people to believe phishes will always be misspelled or come from an obvious domain.

    This is why your company still gets rocked with ransomware from some 14 year old who sends your users a plain looking URL from a gmail account with the subject “You’ve received a Dunkin' Gift Card!”

    KnowBe4 can't save you.

      Rabbit (ra6bit@infosec.exchange)'s status on Friday, 11-Apr-2025 03:09:46 JST

      “But after two years of annoying our users with condescending 'gotcha!' phishing training, our response rate fell from 50% to 20%!”

      Congrats. This will certainly slow me down as an attacker when only 20% of your org gives me their passwords. Good jorb.

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.