Shock! Employees don’t like receiving phishing exams from their companies that pose as wage will increase • Graham Cluley

Surprise! Staff don't like receiving phishing tests from their firms that pose as salary increases

UK regulation agency Knights definitely has an fascinating method of preserving its workers comfortable.

After disappointing its workers in a latest spherical of pay critiques that both granted zero rises or “tiny percentages on already way-below-market charges”, staff have been delighted to obtain an electronic mail entitled “Vital discover: Wage enhance.”


After assessing the present wage construction as supplied below the phrases of your employment, it was found that you’re due for a <DOUBLE DIGIT> annual wage enhance starting within the upcoming fiscal quarter.

The main points of your wage enhance are enclosed within the hooked up doc.

***Please guarantee all particulars are appropriate to keep away from any downside with this adjustment***

HR Group


Maybe predictably, some staff opened the attachment.

The excellent news is that it hadn’t been despatched by cybercriminals.

The dangerous information was that the e-mail was a lie. The workers weren’t getting an increase to their wage.

As a substitute, after they opened the attachment staff have been knowledgeable… that that they had failed a phishing check.

You maybe received’t be stunned to listen to that this didn’t go down terribly nicely with workers.

Who would have guessed that, eh?

Signal as much as our free e-newsletter.
Safety information, recommendation, and ideas.

In line with regulation website RollOnFriday, the check “went down like a lead balloon” with some companions responding with incredulity and even threatening to depart.

And sure, the truth that the e-mail arrived from an exterior electronic mail deal with ([email protected]) ought to have rung alarm bells.

And sure, recipients ought to have observed that the e-mail was prefaced by an precise warning that the message originated from outdoors the corporate.

Part of Knights phishing email
A part of phishing check electronic mail despatched to Knights workers, together with warning that electronic mail had been despatched from outdoors Knights.

However for any firm to piss off its workers on this method is completely boneheaded and shortsighted.

The phishing check may simply have simply been a message saying the corporate was providing free pizza on Fridays to the primary 20 individuals who responded, reasonably than select a subject (wage critiques) that was certain to depart a foul style in employee’s mouths.

After all, there’s no motive why fraudsters can’t use this tactic to trick usnuspecting customers into clicking on a harmful hyperlink or opening a malicious attachment.

Hey, I’ve obtained simply such a phishing electronic mail myself – claiming that my wage was going to be elevated. I wasn’t definitely stunned to get the information from my enterprise’s HR division, as I used to be the one one that labored on the firm.

Hold your workers on-side when combating hackers. Check their cybersecurity consciousness in a constructive constructive method, reasonably than give them one more reason to resent working for you.

Discovered this text fascinating? Observe Graham Cluley on Twitter or Mastodon to learn extra of the unique content material we submit.

Graham Cluley is a veteran of the cybersecurity trade, having labored for plenty of safety firms because the early Nineties when he wrote the primary ever model of Dr Solomon’s Anti-Virus Toolkit for Home windows. Now an unbiased analyst, he recurrently makes media appearances and is an worldwide public speaker on the subject of cybersecurity, hackers, and on-line privateness.
Observe him on Twitter, Mastodon, Bluesky, or drop him an electronic mail.

Leave a Reply

Your email address will not be published. Required fields are marked *