Jonkman Microblog
  • Login
Show Navigation

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. GeniusMusing (geniusmusing@nu.federati.net)'s status on Saturday, 16-Apr-2022 12:13:46 EDT GeniusMusing GeniusMusing
    How not to do training...

    OHSU sent fake phishing emails to staff, offering financial aid kgw.com
    https://nu.federati.net/url/285890

    >PORTLAND, Ore. — For some employees at Oregon Health & Science University, an email sent by the university on April 12 offering up to $7,500 in financial assistance may have seemed like a lifeline.
    >
    >The email read, in part: "In response to the current community hardship caused by the COVID-19 pandemic, Oregon Health & Science University has decided to assist all employees in getting through these difficult times."
    >
    >It turned out to be a fake phishing test, organized by OHSU to test its employees' cybersecurity awareness and its own technology systems.
    >
    >The attempt to educate employees about phishing threats caused frustration, with some saying it was harsh or "tone deaf."
    >...
    In conversation Saturday, 16-Apr-2022 12:13:46 EDT from nu.federati.net permalink

    Attachments

    1. Invalid filename.
      OHSU sent fake phishing email to employees offering thousands in financial aid
      from kgw.com
      In a statement, OHSU said it made a 'mistake' by using the same language from a real phishing threat to test its employees' susceptibility to cybersecurity threats.
    1. lnxw48a1 (lnxw48a1@nu.federati.net)'s status on Saturday, 16-Apr-2022 13:23:10 EDT lnxw48a1 lnxw48a1
      in reply to
      @geniusmusing Sounds about right. $EMPLOYER's Cybersecurity wing sent holiday themed "the agency is giving its employees a holiday gift" phishing messages and left field IT to deal with the consequences.
      In conversation Saturday, 16-Apr-2022 13:23:10 EDT from nu.federati.net permalink
      1. GeniusMusing (geniusmusing@nu.federati.net)'s status on Saturday, 16-Apr-2022 13:39:54 EDT GeniusMusing GeniusMusing
        in reply to
        @lnxw48a1
        My former $EMPLOYER's MSP decided to to pretty much the same thing except it was HR (who had no clue about the test) that got the brunt of the consequences and the MSP decided that everybody failed and needed training, including me who reported the email to them and also notified HR and internal IT about it.

        A lot of angry people in upper management (esp HR/IT) complained they should have been notified that a test was going to happen, not so much what the test would involve but that it was going to happen so they could be ready for the hundreds of email they would get. The MSP also had some unintended fall out, their phone lines got completely clogged with calls about the email for about two hours.

        When karma calls.
        In conversation Saturday, 16-Apr-2022 13:39:54 EDT from nu.federati.net permalink
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

Jonkman Microblog is a social network, courtesy of SOBAC Microcomputer Services. It runs on GNU social, version 1.2.0-beta5, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All Jonkman Microblog content and data are available under the Creative Commons Attribution 3.0 license.

Switch to desktop site layout.