Email Phishing Simulation – What Not To Do

A British railway firm has been criticized (and rightly so) for sending out an email phishing simulation test that ended up eroding employee trust in the company.

The firm West Midlands Railsent out an email phishing simulation to employees telling them that would get a financial reward for their "hard work" during the pandemic.  When employees clicked on the link, they received an additional email explaining that "this was a test". 

Predictably, employees were not amused, with a union official describing it as "crass and reprehensible behavior" and saying that were other ways to complete the phishing simulation. 

The firm responded, "This important test was deliberately designed with the sort of language used by real cyber criminals but without the damaging consequences". 

Well, there may have been damaging consequences to the reputation of the firm, but at least no cybersecurity consequences.  What's your opinion?  Read the full story HERE.


Leave a comment!

Your email address will not be published.