GoDaddy promised holiday bonuses, it was just a phishing test

Illustration of an article titled GoDaddy: Sorry to have promised holiday bonuses, that was just a phishing test

Photo: Jenny Kane (AP)

GoDaddy decided that December would be a great time to test whether its employees are on the alert when it comes to cybersecurity threats. As its employees try to navigate a holiday season tumbled by the pandemic and a faltering economy, the web hosting giant sent a phishing email with an offer that was too good to be true and now it’s so sorry.

Arizona based news outlet The Copper Courier I mentioned it first GoDaddy employees received an email on 14 December with the headline “GoDaddy Holiday Party.” The email informed workers that the company is looking forward to the annual holiday party and will issue a “one-off $ 650 vacation bonus”. Two links were included in the email and employees were directed to choose their location and fill in some details in a form to ensure they receive their rewards before the holidays. Unfortunately, the entire show was just a test to see if employees would be exposed to such fraud if the bad actor tried to redirect them with a malicious link.

Two days later, around 500 GoDaddy employees were informed that no bonuses had arrived and that they had failed the corporate phishing test. Chief Security Officer at GoDaddy’s Demetrius Comes He wrote in the follow-up email that failed employees “will need to re-train social engineering for security awareness.”

Many companies run these types of tests and the tale tag tends to be a phishing email sent from an email address that appears to be from a company account, for example, a phishing manager might attempt an email from an address ending in @ gizmondo.com. But GoDaddy manages its email service and the fake phishing email was sent from an account at happyholiday@godaddy.com. It’s easy to see why so many workers failed the test, and it’s easy to understand why GoDaddy saw such a blatant loophole in its systems after the company just had an embarrassing problem. Data breach Earlier this year.

What is incomprehensible is the harshness involved in preparing this test and not following the employee’s expectation of a routine reward in the year when the company was informed. Record growth While participating in The biggest direction of the company Lay off Workers. Cybersecurity is important for a company like GoDaddy but that same test could have been taken, training authorizations could have been issued to anyone who had failed, and the rewards could still be handed out to everyone.

“GoDaddy takes the security of our platform very seriously. We understand that some employees have been bothered by the phishing attempt and we felt it was insensitive, and we apologized for it,” a GoDaddy spokesperson told Gizmodo. “While the test simulates real attempts at play today, we need to do better and be more sensitive to our people.” The company did not respond when it asked Gizmodo if it intended to issue the bonuses.

Data breaches can be a big concern for a web hosting company, but if no one wants to work there and no one wants to deal with an organization that treats its employees like dirt at the toughest moment in the toughest year in a generation, there’s nothing going to keep it safe.

READ  Ativistas: China e Brasil têm os bancos centrais mais verdes do mundo | Reuters | O negócio

Teremos o maior prazer em ouvir seus pensamentos

Deixe uma Comentário

N1 Sergipe