Drat! Caught Again! Damned tricky phishing emails
Those pesky internal phishing emails.
There are people out there whose entire job is to catch you slipping. Yep, your overstaffed security team. The ones who spend their days crafting fake “mandatory training” emails that look more legit than your boss’s calendar invites. You click, and boom: “Oops! You’ve just opened a phishing attempt that could have caused a catastrophic data leak.”
Whoa! Catastrophic? I clicked an email, not launched a missile. Honestly, I’ve fallen for these more times than I care to admit. Either their emails are Oscar-worthy masterpieces, or I just click everything like a toddler with an iPad.
Once, when I worked at a bank, the punishment for clicking one of these was an hour-long lecture from the security team. Guess what? I clicked on one and I wasn’t about to waste an hour of my life attending a meeting, so I ignored the polite calendar invite. Then came five follow-up emails (ignored), three mystery phone calls (ignored), and finally, two security folks looming over my desk. I used to bounce in bars and spent time on city streets as an ambulance officer, so I don’t intimidate that easily.
They announced I had to attend a compulsory meeting. Being the security-conscious guy I am, I asked for ID. My boss was loving this as he hated these guys too. They reluctantly flashed their driver’s licenses. I told them that proved nothing. After making them sweat a little, I finally agreed to listen.
I told them straight:
If you’re scanning emails like you claim, then that phishing email should never have reached me.
Your spammy follow-ups? They violate your own “Unwanted Email Policy.”
And those phone calls. One after hours? Borderline harassment.
Then I smiled and said, “So… when’s that online meeting again? I’m pumped. Got lots of questions.” One of them muttered something about me being a troublemaker as they left.
I welcome their visit the next time I click on something random.
Thanks,
Kyle