Not in my case, no. The content was completely custom to the organisation. I assume they were big enough that they felt like a lot of the risk would come from coordinated spearphishing carefully crafted to look like genuine corp email.
In my case, the phishing tests originated with the organization that owns my employer, rather than within my employer itself. Our email states are entirely distinct so, while we can report the emails, no one would ever care.
… You must be one of my co-workers. Except that we just delete ours rather than labeling them.
We needed to label them because the requirement was not only that we don’t click them, but that we use the “report phishing” function on them.
Also some of them were pretty funny.
Was it hoxhunt? It’s a bit spammy but they seem to push for a more gamefied approach over collective punishment.
Not in my case, no. The content was completely custom to the organisation. I assume they were big enough that they felt like a lot of the risk would come from coordinated spearphishing carefully crafted to look like genuine corp email.
I fucking hate hoxhunt. Just let me send shit to the junk folder and ignore it.
Aren’t you supposed to report them though
In my case, the phishing tests originated with the organization that owns my employer, rather than within my employer itself. Our email states are entirely distinct so, while we can report the emails, no one would ever care.