Getting Married Again!
About five years ago I got an email from Ebay confirming my purchase of a size 16 wedding dress. It didn’t take me long to remember that I was already married and that I was at least a size 18. What was going on?! I quickly clicked on the Ebay link in the email and logged into my account. Or at least I tried to. For some reason my password didn’t work. It was then I noticed the website I was on wasn’t Ebay at all but something designed to look like it. I had just been phished.
I’ve got much better at spotting phishing attacks and since then I’ve been caught only once. That was by our own Joe Smith with a carefully crafted spear-phish that looked just like an approval from SAW. My protestations of ‘not fair’ were somewhat lame.
The real trick with phishing a group of smart and cyber aware millennials (like most of Delt) is crafting a phish that isn’t completely transparent. You are all too worldly wise to fall for the Nigerian 419 scam or its ilk. You’d be sensibly suspicious if you got an unexpected email from your bank, PayPal or even from me, asking for money or your PIN.
A really awesome phish would be one that was explicably unsolicited, completely believable and exciting enough for you to not think carefully before providing personal information. Enter the recruitment phish! You get an email from a recruiter who has a perfect job for you! Its not that in your right mind you’d want to leave Delt but this opportunity – it’s so good you should really take a look…
As an employer, we don’t want good people to leave but sometimes it’s the right thing for you to do. We might try and persuade you to stay but more often we’ll wish you well and hope to see you further down the road. I’d actively encourage people to consider new opportunities for personal and professional growth. People who have worked in different places and different industries bring a broad perspective to what we do and if we grow as expected, there will still be a warm seat here for you.
However, don’t let your enthusiasm for a possible new role and the riches of heaven turn you into an idiot. Joe tells me there are a bunch of recruitment phishes floating around right now so please be careful.
On a completely different cyber security topic, if you haven’t checked your personal and corporate email addresses on https://haveibeenpwned.com/ then its well worth it. I’ll offer a small consolation prize to anyone who can beat the 7 pwns I have against my personal email address. Rather than more idiocy, this is an indication of the fact I’m really old and have been using the internet with the same email address since 1995 (on a 28.8k modem and AOL Weeeeep!).
Giles Letheren – Chief Executive Officer