British law firm Knights certainly has an interesting way of keeping its staff happy.
Employees disappointed staff with a recent salary review that granted either zero pay raises or a “small percentage of wages that were already well below market,” but “important news: pay raises.” I was pleased to receive an e-mail titled
Hello<編集済み>
From the next fiscal quarter, as a result of an evaluation of the current salary structure stipulated under the conditions of employment <2 桁> It turned out that an annual salary increase is planned.
The details of the salary increase are enclosed in the attached document.
***Please make sure all details are correct to avoid any issues with this adjustment***
From my heart,
HR teamThe knights
Perhaps as expected, some workers ended up opening the attachment.
The good news is that it was not sent by cybercriminals.
The bad news was that the email was a lie. Staff were not paid.
Instead, upon opening the attachment, workers were informed that they had failed the phishing test.
It probably wouldn’t surprise me to hear that this wasn’t well received by the staff.
who would have expected that?
according to law site roll on fridaythe test “fell like a lead balloon”, with some partners reacting in disbelief or even threatening to leave.
And yes, the fact that the email came from an external email address ([email protected]) should have sounded the alarm.
Yes, the recipient should have noticed the following phrase at the beginning of the email: real warning The message must have originated outside the company.
But for any company to piss off its employees in this way is downright stupid and short-sighted.
Instead of choosing a topic that would inevitably leave a bad taste in the mouths of employees (salary reviews), this phishing test sent the first 20 people who responded with a message that the company was offering free pizza on Friday. It may not have been too much.
Of course, there is no reason for scammers to do so. Can not This tactic is used to trick suspicious users into clicking on dangerous links or opening malicious attachments.
Well, I myself have received just such a phishing email – claiming that my salary will be increased. I was the only person working at the company, so I was certainly not surprised to hear this news from the company’s human resources department.
Keep staff on your side when fighting hackers. Instead of giving them another reason not to work for you, test their cybersecurity awareness in a positive and constructive way.
Did you enjoy this article? Follow Graham Cluley on Twitter again Mastodon To read more of the exclusive content we post,
