Multiple Faces Detected
October 6th, 2023
If you’ve recently received an email from a renowned company asking you to disclose your personal information, such as your credit card or login details, you may have just fallen victim to a test by your employer. More and more frequently, companies are testing their employees to find out who would fall for a phishing email scam. Below, we’ll discuss some of the most prominent companies that have sent out these fake phishing emails, how they did it, how their employees responded, and how many of them fell for it. Check it out to gain insights regarding this phishing email test for employees!
Which Companies Have Done the Phishing Email Test for Employees?
West Midlands Trains
West Midlands Trains
One of these phishing tests came from West Midlands Trains, a railroad operator in the UK. The company sent out an email to 420 employees in management roles. The email contained a link telling employees that they would receive a bonus for working hard despite the struggles brought about by the COVID-19 pandemic.
However, those who clicked on the link found out that they wouldn’t receive anything. It was just a test of their resistance to scammers. While the company considered this a training for its employees to protect themselves against hackers and scammers, the latter did not take it positively.
Most employees were furious about it and demanded an apology. The pandemic itself was already emotionally and financially draining to them, so a stunt like this wasn’t beneficial to their situation. A labor union representative also pointed out that instead of sending fake phishing emails, companies should adopt a more effective approach, like installing software that protects against ransomware or blocking phishing emails.
GoDaddy
GoDaddy
GoDaddy, a web hosting provider, also sent fake phishing emails to its employees. In the email, they promised that their employees would receive a Christmas bonus worth $650. They just had to fill out the form provided and enter their personal information.
Hoping to get their Christmas bonuses amid the coronavirus pandemic, about 500 GoDaddy employees clicked on the link. However, after two days, they received another email informing them that they failed the company’s phishing test. The employees were then infuriated with the company’s stunt.
While GoDaddy sent the fake emails with good intentions, the company understood why the employees were disappointed with their actions. After acknowledging that the phishing test was insensitive, they apologized to their employees.
Tribune Publishing
Tribune Publishing
Tribune Publishing, the owner of the Chicago Tribune and The Baltimore Sun, also sent out fake emails to their employees as a cybersecurity test. In the email, employees were informed that they would get bonuses ranging from $5,000 to $10,000.
Looking like an official announcement from the company’s HR department, the email had the subject line “Executive bonuses – Confidential.” The company said that the bonus was their way of thanking employees for their commitment and excellent performance. They also shared that the bonus was made possible because of the continued efforts to cut down on costs.
Then, they asked employees to log in to see their respective bonuses. Employees were also given the option to have the amount partially deposited into Tribune Publishing’s retirement savings program. However, these bonuses didn’t exist. They were instead taken to a page informing them that it was just a phishing test with reminders about company rules and staying cautious against online scammers.
The employees, however, were unhappy with the phishing test. They considered the act insensitive and disrespectful. In the end, Tribune Publishing issued an apology for sending out the fake bonus offers. They acknowledged that the email was indeed misleading.
Pinnacle Financial Partners
Pinnacle Financial Partners
Pinnacle Financial Partners, a bank based in Nashville, Tennessee, also used phishing tests as a security test. Every quarter, employees would receive these fake emails, and the company would send the results to their audit committee as well as the board of directors. These emails would tell employees that their accounts would be locked because of unusual activities.
If you clicked on the link you’d see a message saying that it was just a fake phishing email. Some tips were also provided to help the employee detect suspicious messages from scammers. Those who clicked on the link regretted doing so and wondered how they missed it.
While it seems that the test had been received positively, big internet companies, like Microsoft and Google, think that it’s best to provide a verification system that wouldn’t allow scam artists to impersonate businesses through emails in the first place.
Phishing Scams: Stay Alert With Social Catfish
The phishing email test for employees often include promises of a bonus, which will only disappoint you in the end. However, as phishing scams continue to rise, take note of these common stories and tactics that real scammers use. To learn more about different types of scams online, visit our page.
