'Insensitive' phishing test stirs debate over ethics of security training

An email sent to employees of Chicago-based Tribune Publishing, parent company of the Chicago Tribune, told recipients that they would receive $5,000 to $10,000 in bonus payments, “as a direct result of the success created by the ongoing efforts to cut our costs.” (Adam Jones, Ph.D. via Creative Commons Attribution-Share Alike 3.0 Unported license)

A simulated phishing email that used the false promise of company bonuses as a lure to trick employees has ignited a debate over the ethics of security awareness testing that potentially engenders distrust and hard feelings.


On the one hand, simulations should mimic real-life phishing campaigns as closely as possible, security awareness experts argue. On the other hand, an insensitive training exercise can place your company in bad standing with employees.


The email in question, which was sent last week to employees of Chicago-based Tribune Publishing, told recipients that they would receive $5,000 to $10,000 in bonus payments, “as a direct result of the success created by the ongoing efforts to cut our costs.”


The email encouraged individuals to click on a link to find out their reward, but doing so revealed a message that the email was actually a phishing simulation test from sec ..
