And this is why phishing is worth attackers' investment (HT WeldPond):

“Got to see my favourite type of Incident Ticket today.
User got suspicious email, reported it because when they followed the link it went to a sign in page but 'none of their corporate credentials worked'
For added value, service desk closed ticket cos it wasn't a supported site”

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.