You have got to be kidding.

Discussion in 'Hangar Talk' started by Capt. Geoffrey Thorpe, Apr 22, 2020.

  1. Capt. Geoffrey Thorpe

    Capt. Geoffrey Thorpe Touchdown! Greaser! PoA Supporter

    Joined:
    Jun 7, 2008
    Messages:
    14,352
    Location:
    DXO124009

    Display name:
    Light and Sporty Guy
    Got this in the mail today:

    "Last week, IT Services ran an internal phishing security test to determine our vulnerability when real phishing attacks happen at [deleted to protect the guilty]. The subject line of the simulated phishing attempt was "Password Check Required Immediately." Out of 655 recipients 28.7% clicked on something within the email and 25 entered login credentials."
     
    deonb and denverpilot like this.
  2. JOhnH

    JOhnH Touchdown! Greaser!

    Joined:
    May 20, 2009
    Messages:
    13,327
    Location:
    Florida

    Display name:
    Right Seater
    I wonder how many were AVPs and above. Execs are the usual suspects in instances like this.
     
  3. AKiss20

    AKiss20 Pre-takeoff checklist

    Joined:
    May 31, 2015
    Messages:
    372
    Location:
    Cambridge, MA

    Display name:
    AKiss20
    To be fair, higher ups are more likely to be targets as their credentials are more valuable to steal, and it’s more of a story when the VP gets phished, so you’re more likely to hear about it when they get phished over bob or mary in the mail room. I wonder what the distribution of successful phishing attempts percentage is across different positions. (That being said I have a pretty low expectation of most execs so I wouldn’t be surprised if they in fact get successfully phished a higher percentage of the time).
     
  4. eman1200

    eman1200 Touchdown! Greaser! PoA Supporter

    Joined:
    Mar 10, 2013
    Messages:
    15,860
    Location:
    Oakland, CA

    Display name:
    Bro do you even lift
    Truth. Watching management try to accomplish something as simple as scheduling a meeting, or rescheduling that meeting, makes you wonder how a business can run successfully.
     
  5. Shepherd

    Shepherd En-Route

    Joined:
    Nov 24, 2012
    Messages:
    4,962
    Location:
    Hopewell Jct, NY

    Display name:
    Shepherd
    I used to say, "The most dangerous person in any modern corporation was a manager with access to a keyboard."
    The second most dangerous thing was the invention of the portable storage device.
    Take it home, plug it into a non-corporate, non-secure family machine, and it comes back into the building filthy with viruses.
     
    TCABM likes this.
  6. Ted

    Ted The pilot formerly known as Twin Engine Ted

    Joined:
    Oct 9, 2007
    Messages:
    28,822

    Display name:
    iFlyNothing
    I've heard it's pretty common to have poor results at the first automated phishing email from IT, and that's why they end up sharing the results and then doing it more regularly.

    A lot of people don't understand this stuff, which I don't get in this day and age. But then again I grew up on the internet.
     
  7. wsuffa

    wsuffa Touchdown! Greaser!

    Joined:
    Feb 22, 2005
    Messages:
    23,615
    Location:
    DC Suburbs

    Display name:
    Bill S.
    I know of a top level exec that used to use his "deleted items" bin in Outlook as a filing cabinet for storing items he wanted to keep. Had folders set up and all.

    Until IT decided to purge everyone's "deleted item" bin to save space on the server.
     
    dans2992, Palmpilot, Jim K and 2 others like this.
  8. vkhosid

    vkhosid Cleared for Takeoff

    Joined:
    Sep 15, 2014
    Messages:
    1,473
    Location:
    SFO

    Display name:
    94V
    That makes me inexplicably happy...
     
    deonb, Dana, Pugs and 2 others like this.
  9. wsuffa

    wsuffa Touchdown! Greaser!

    Joined:
    Feb 22, 2005
    Messages:
    23,615
    Location:
    DC Suburbs

    Display name:
    Bill S.
  10. jrcox19

    jrcox19 Pre-takeoff checklist

    Joined:
    May 5, 2019
    Messages:
    285
    Location:
    KOMN

    Display name:
    jrcox19
    Everybody knows you use the "Drafts" folder for that. Seemed to be a common practice at some companies, especially since automatic deleting of emails after 30/60/90 days was common.
     
  11. Kenny Phillips

    Kenny Phillips En-Route

    Joined:
    Jul 29, 2018
    Messages:
    4,781

    Display name:
    Kenny Phillips
    We do this several times a year ("phishing for phools"). I used to put in nasty words for login and password, but I got called out on that. I now warn my team that it's coming, but nobody is dumb enough to fall for it anyway.
     
  12. JOhnH

    JOhnH Touchdown! Greaser!

    Joined:
    May 20, 2009
    Messages:
    13,327
    Location:
    Florida

    Display name:
    Right Seater
    Famous last words!
     
  13. chartbundle

    chartbundle Pattern Altitude

    Joined:
    Sep 26, 2011
    Messages:
    1,605
    Location:
    State of Confusion

    Display name:
    chartbundle
    One of my previous employers did test phishing attacks, they were blatantly obvious but the best part was they had a mail header 'X-Phish-Test: xxxxxx' so I just added a mailbox rule to just mark them as spam automatically and then told all my coworkers.

    I briefly thought about all of us routing them to a sandbox VM and using some code to pretend click on all the links so it looked like all my team were incompetent morons.
     
    denverpilot likes this.
  14. Craig

    Craig Line Up and Wait

    Joined:
    Nov 23, 2015
    Messages:
    968
    Location:
    North Texas

    Display name:
    Craig
    Almost as bad as the morons that click on "Reply to All" and don't realize that the email was sent to the entire system address list... 3 days later, our IT guys had already deleted over 4 million emails and had to lock down the system and halt any replies to any email until the account holder had clicked on a link signifying that they had read and understood to stop using "Reply To All", unless the email came from someone in their direct contact list.
     
    Palmpilot likes this.
  15. Zeldman

    Zeldman Touchdown! Greaser!

    Joined:
    Jun 13, 2014
    Messages:
    15,182
    Location:
    high desert NM

    Display name:
    Billy
  16. Tantalum

    Tantalum Final Approach

    Joined:
    Feb 22, 2017
    Messages:
    8,481

    Display name:
    San_Diego_Pilot
  17. Tantalum

    Tantalum Final Approach

    Joined:
    Feb 22, 2017
    Messages:
    8,481

    Display name:
    San_Diego_Pilot
    Also.. I like how 90% of hacking is *not* some dude in a hoodie typing away at a matrix terminal but just clever social engineering.. or just raw guesswork
     
  18. asicer

    asicer Final Approach

    Joined:
    Jan 1, 2015
    Messages:
    7,840

    Display name:
    asicer
    Like when public figures use YahooMail or the like...

    tab#1: "Password recovery page for andrewcuomo@yahoo.com: In what city were you born?"
    tab#2: "Wikipedia.org/Andrew_Cuomo#early_life"
     
    TCABM and Kenny Phillips like this.
  19. AKiss20

    AKiss20 Pre-takeoff checklist

    Joined:
    May 31, 2015
    Messages:
    372
    Location:
    Cambridge, MA

    Display name:
    AKiss20
  20. Palmpilot

    Palmpilot Touchdown! Greaser! PoA Supporter

    Joined:
    Apr 1, 2007
    Messages:
    20,267
    Location:
    PUDBY

    Display name:
    Richard Palm
    We have that problem in CAP too.
     
  21. Ghery

    Ghery Touchdown! Greaser!

    Joined:
    Feb 25, 2005
    Messages:
    10,777
    Location:
    Olympia, Washington

    Display name:
    Ghery Pettit
    I remember decades ago that in the Army it was said that the most dangerous thing was a 2nd Lieutenant with a map. :D
    Given that I was one of TWO cadets who passed the map reading test in my platoon at ROTC summer camp I can see where this could be true. BTW, I thought the map reading test was dirt simple.

    I've said it before and I'll say it again. Dilbert is not a comic strip. Dilbert is a documentary.
     
    DaleB, denverpilot, TCABM and 2 others like this.
  22. Capt. Geoffrey Thorpe

    Capt. Geoffrey Thorpe Touchdown! Greaser! PoA Supporter

    Joined:
    Jun 7, 2008
    Messages:
    14,352
    Location:
    DXO124009

    Display name:
    Light and Sporty Guy
    Except the names have been changed.
     
  23. weilke

    weilke Touchdown! Greaser! PoA Supporter

    Joined:
    Jan 26, 2010
    Messages:
    14,987

    Display name:
    weilke
    This is only outdone by IT dimwits who set up the mail system in a way that:
    - doesn't restrict the use of mailing lists like 'everyone' and 'all_north_region_associates' to use by folks who have a legitimate use for them.
    - doesn't ignore replies sent to the 'everyone' mailing list so a company wide announcement to 3000 participants doesn't create 300 subsequent messages consisting of an 'out of office' reply (followed by multiple admonishments to 'everyone' to 'stop replying').
     
    denverpilot likes this.
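    The two mail-system gaps weilke lists above translate into two gateway checks: only approved senders may post to a distribution list, and replies or auto-replies addressed to the list are dropped before they fan out. The Python below is an added example written for this thread, not code from any poster or mail product; the list names, approved senders and sample messages are constructed, and the auto-reply detection relies on the RFC 3834 Auto-Submitted header plus the common Precedence and X-Auto-Response-Suppress conventions.

```python
import email
import email.utils
from email import policy

# Constructed example data: which senders may post to each restricted list.
LIST_POSTERS = {
    "everyone@example.com": {"hr@example.com", "ceo@example.com"},
    "all_north_region_associates@example.com": {"north-region-mgr@example.com"},
}


def is_auto_reply(msg) -> bool:
    """True if the message is machine-generated (out-of-office and friends)."""
    auto = (msg.get("Auto-Submitted") or "no").strip().lower()   # RFC 3834
    if auto != "no":
        return True
    prec = (msg.get("Precedence") or "").strip().lower()          # de facto convention
    if prec in {"bulk", "junk", "list", "auto_reply"}:
        return True
    if msg.get("X-Auto-Response-Suppress"):                        # Exchange/Outlook
        return True
    subj = (msg.get("Subject") or "").strip().lower()
    return subj.startswith(("automatic reply", "out of office", "auto:"))


def is_reply(msg) -> bool:
    """True if the message threads onto an earlier one (a reply, not a new post)."""
    return bool(msg.get("In-Reply-To") or msg.get("References"))


def recipients(msg) -> set:
    """All To/Cc addresses, lower-cased."""
    pairs = email.utils.getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    return {addr.lower() for _name, addr in pairs if addr}


def list_policy(raw: bytes) -> str:
    """Decide what the gateway does with one raw RFC 5322 message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    sender = email.utils.parseaddr(msg.get("From", ""))[1].lower()
    targeted = {a for a in recipients(msg) if a in LIST_POSTERS}
    if not targeted:
        return "deliver"                     # not aimed at a restricted list
    if is_auto_reply(msg):
        return "discard:auto-reply"          # never fan an out-of-office out to 3000 people
    if is_reply(msg):
        return "discard:reply-to-list"       # replies go to the original sender, not the list
    for lst in sorted(targeted):
        if sender not in LIST_POSTERS[lst]:
            return f"reject:unauthorized-sender:{lst}"
    return "deliver"


# Constructed sample messages.
ANNOUNCEMENT = b"""From: hr@example.com
To: everyone@example.com
Subject: Holiday schedule
Message-ID: <ann-1@example.com>

The office is closed Friday.
"""

OOO_REPLY = b"""From: bob@example.com
To: everyone@example.com
Subject: Automatic reply: Holiday schedule
Auto-Submitted: auto-replied
In-Reply-To: <ann-1@example.com>

I am out of the office.
"""

STOP_REPLYING = b"""From: mary@example.com
To: everyone@example.com
Subject: RE: Holiday schedule
In-Reply-To: <ann-1@example.com>

Please stop replying to everyone!
"""

UNAUTHORIZED_POST = b"""From: mary@example.com
To: everyone@example.com
Subject: Bake sale

Cookies in the lobby.
"""

if __name__ == "__main__":
    for name, raw in [("announcement", ANNOUNCEMENT), ("ooo", OOO_REPLY),
                      ("stop-replying", STOP_REPLYING), ("unauthorized", UNAUTHORIZED_POST)]:
        print(f"{name:14s} -> {list_policy(raw)}")
```

    The ordering matters: auto-replies and replies are dropped before the sender check so that even an approved poster's out-of-office never reaches the list, and the unauthorized-sender path returns a reject (which the sender sees) rather than a silent discard, so legitimate requesters learn to ask for list access instead of wondering where their mail went.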
  24. Kenny Phillips

    Kenny Phillips En-Route

    Joined:
    Jul 29, 2018
    Messages:
    4,781

    Display name:
    Kenny Phillips
    Having been an IT dimwit, if you start with total lockdown, and then back it off as needed, there will be no cleanup required. If you start with an open system, and add locks as needed, you get the system used by certain of our armed forces.
     
    Shepherd and denverpilot like this.
  25. Tantalum

    Tantalum Final Approach

    Joined:
    Feb 22, 2017
    Messages:
    8,481

    Display name:
    San_Diego_Pilot
    ...for a minute I thought I drifted back onto one of our many COVID threads! hahah
     
    denverpilot likes this.
  26. asicer

    asicer Final Approach

    Joined:
    Jan 1, 2015
    Messages:
    7,840

    Display name:
    asicer
    That's actually not so bad.

    Worse is when everyone uses "Reply All" to tell everyone else not to use "Reply All". And then there's the additional waves of people that use "Reply All" to tell everyone else not to "Reply All" when telling everyone else not to "Reply All", ad infinitum.
     
  27. wilkersk

    wilkersk Pattern Altitude

    Joined:
    May 21, 2015
    Messages:
    2,197
    Location:
    Puget Sound

    Display name:
    KennyW
    I'm sitting here watching "The Feed" on Amazon Prime. Laughing at the thought of a future where all your memories are uploaded to the cloud. I suspect the human race will have eliminated itself before that becomes reality.
     
  28. smv

    smv Pattern Altitude

    Joined:
    Dec 30, 2019
    Messages:
    1,661

    Display name:
    smv
    Who is more at fault? The moron who hit "Reply All" or the moron that sent a system address list wide email without using BCC?
     
    MuseChaser, Salty and JOhnH like this.
  29. murphey

    murphey Touchdown! Greaser! PoA Supporter

    Joined:
    Aug 21, 2008
    Messages:
    10,785
    Location:
    Colorado

    Display name:
    murphey
    Department of Redundancy Department.
     
    Palmpilot likes this.
  30. smv

    smv Pattern Altitude

    Joined:
    Dec 30, 2019
    Messages:
    1,661

    Display name:
    smv
    Would you like to be a Charter Member of the Alliance to Abolish, Eliminate, Stamp out, and Banish Redundancy?
     
    murphey and Palmpilot like this.
  31. denverpilot

    denverpilot Tied Down PoA Supporter

    Joined:
    Nov 8, 2009
    Messages:
    55,440
    Location:
    Denver, CO

    Display name:
    DenverPilot
    I wish I could say that was high, but I’ve seen worse. And know of a major financial company everyone would recognize that was double those numbers.

    However. The old flight instruction / teaching / training side of this is important. If you did this test without telling them not to do it, testing their knowledge level, telling them again, and telling them once more... it’s shock and awe to build a budget and not a legitimate learning process.

    Additionally, humans respond better to positive than negative feedback. If you’re only publishing how naughty they were, and didn’t praise and reward those who did it right, you only did half of the job.

    The IT security personality often is a nerd who loves sitting in their office, monitoring, writing docs, doing all the techy stuff, and they never once get out of the chair, and walk their ass down the hall with a big ass bag of assorted candy and treats to personally hand to the staff that did good. Or whatever. You get the idea.

    Oh FFS. Just fire the contractor sending those immediately. LOL. Gah.

    'Tis true! I’ve often thought Red Teaming would be fun, but you literally have to think like a criminal. That can twist you a bit over time.

    But there’s so many easy and effective social engineering hacks that’ll get you exactly what you want, it’s not funny. People intrinsically want to help and treat others well and trust strangers for the most part. It’s largely the biggest weakness of any organization. If I can convince someone I need help desperately it’ll turn off warning signs in many many brains and they’ll get the keys and open the server room door for me. LOL.

    Scott Adams was an ISDN engineer at Pacific Bell. It truly is.
     
  32. Larry in TN

    Larry in TN En-Route

    Joined:
    Nov 16, 2013
    Messages:
    2,506
    Location:
    Nashville, TN

    Display name:
    Larry in TN
    "Please take me off this list!"
     
    deonb and denverpilot like this.
  33. Craig

    Craig Line Up and Wait

    Joined:
    Nov 23, 2015
    Messages:
    968
    Location:
    North Texas

    Display name:
    Craig
    SMV: Let’s put it this way, due to security reasons, for certain email networks, BCC does not exist, and all recipients can be seen. Certain types of accounts have the ability to bypass general email protocols and have very specialized traffic rules.
     
  34. Capt. Geoffrey Thorpe

    Capt. Geoffrey Thorpe Touchdown! Greaser! PoA Supporter

    Joined:
    Jun 7, 2008
    Messages:
    14,352
    Location:
    DXO124009

    Display name:
    Light and Sporty Guy
    Some time ago, we had mandatory training about cyber security, plus we get regular reminders about phishing. No excuse there. Also, a significantly higher percentage of the peeps working here have PhDs compared to other workplaces (which also makes me laugh) (a small private university).
     
    denverpilot likes this.
  35. YooperMooney

    YooperMooney Pre-takeoff checklist

    Joined:
    Aug 8, 2019
    Messages:
    195

    Display name:
    CapellaXS
    I’m not sure if he still runs this way but I’m sure he does: President Trump does not use electronic mail. I found that to be quite shocking when I saw that sworn testimony under oath during a 2016 deposition. Compare this to his predecessor President Obama who was wildly obsessed with his Blackberry and tech equipment. Both Trump and Obama are/were constantly breaking communication security protocols by utilizing unsecure wireless communication devices way too close to the actual secure desk sets. Not to mention the use of social media apps and such, blah blah it’s a recipe for disaster. Regardless, Pres Trump is quite “old school” in the sense he ran his business ops without any e-mail. I still chuckle when I watch my 76-yo dad do the hunt-and-peck to type on a full-size keyboard. I think that’s what made him almost exclusively utilize a smart phone as it's still hunt-and-peck but can be taken with him anywhere.
     
  36. Shepherd

    Shepherd En-Route

    Joined:
    Nov 24, 2012
    Messages:
    4,962
    Location:
    Hopewell Jct, NY

    Display name:
    Shepherd
    While I was at IBM, one of our CIOs was responsible for the largest security breach in IBM history when he took a thumb drive home and stuck it in his son's computer.
    After weeks of 24 hour days trying to find and fix the damage, we finally got everything back to "normal". Every employee had to install protection on any machine they worked on or owned, and were told to never, ever conduct IBM business on a family owned machine.
    Any IBMers here remember having to attend the meeting and signing the security form? Maybe that was just a Research/Headquarters thing.
    Less than 72 hours later the same CIO did exactly the same thing. This time he stuck a thumb drive in his wife's computer.
    "No one told me I had to have my wife's machine checked."
    He "retired" later that day. I ran into him in an antiques shop about 3 years ago. He still blames me because he wasn't specifically told not to use his wife's, or daughter's machines.
    Managers with access to a keyboard.
     
    denverpilot and Palmpilot like this.
  37. Capt. Geoffrey Thorpe

    Capt. Geoffrey Thorpe Touchdown! Greaser! PoA Supporter

    Joined:
    Jun 7, 2008
    Messages:
    14,352
    Location:
    DXO124009

    Display name:
    Light and Sporty Guy
    Where I used to work, some years ago, but not that many. Sitting in the office of a chief engineer (who was in charge of the company's powertrain software shop). His admin was on vacation and the substitute came in to ask him for his email password so she could print his mail for him. He didn't know.
     
  38. JOhnH

    JOhnH Touchdown! Greaser!

    Joined:
    May 20, 2009
    Messages:
    13,327
    Location:
    Florida

    Display name:
    Right Seater
    Why did you trick him like that? ;)
     
    Palmpilot and Shepherd like this.
  39. Tantalum

    Tantalum Final Approach

    Joined:
    Feb 22, 2017
    Messages:
    8,481

    Display name:
    San_Diego_Pilot
    True.. and that's a very hard thing to plan towards. Combine people's general willingness to help with the "appeal to authority" fallacy and you have a perfect storm. Honestly that's why I like the fingerprint or 2FA stuff (factor authentication, not flight attendants, lol). It makes the whole "I need to confirm your password" thing much harder if you need a fingerprint or to have a random key generated that expires in 30 seconds.
     
    denverpilot likes this.
  40. Palmpilot

    Palmpilot Touchdown! Greaser! PoA Supporter

    Joined:
    Apr 1, 2007
    Messages:
    20,267
    Location:
    PUDBY

    Display name:
    Richard Palm
    People don't think things through.
     
    Shepherd likes this.