My company sends honeypot phishing email; should I automatically junk them?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0;







up vote
1
down vote

favorite












My company sends honeypot phishing emails from within our organization in Microsoft Outlook. e.g. hr@mycompanyname.com , ithelpdesk@mycompanyname.com , etc. I fell to one of these in a lapse of judgment while working late (I clicked a link in a honeypot email, hr@mycompanyname.com asking me to fill out an HR form, which told me to do some remedial security training). Now I want to block that bad email, so as to not fall for any more of them from that source. I found that I could not block the email as it was from within my organization (it's some outlook admin setting I think).



However I may be able to set certain senders be sent to junk through the "rules" setting, as to save myself time/attention or possible falling for any more traps.



I would consider a fairly normal and reasonable reaction to phishing emails to be to block the sender and delete the email.



Would automatically sending emails from known honeypot addresses from within my company to junk automatically be a bad idea?



I feel it would be a bad idea for the company to use previous honeypot email addresses on legitimate emails for important information. I would also expect that important information can be escalated beyond email in person, or through work phone or other channels of communication (company instant messaging, company HR system, etc) The company is somewhat small ~100 people.



I know legitimate email addresses belonging to the company can be compromised and bad stuff sent through them. Thus always constant vigilance is important regardless of sender, and I'm not practicing my "security mindfulness" if I just block my known encountered honeypots, because I'm not playing the game.
However with my knowledge and due diligence of these appearing to be dedicated honeypot email addresses (never/not used for anything else), I feel blocking known dedicated honeypot email addresses serves to benefit myself and the company's interests (letting me just work).










share|improve this question























  • "Having fallen to one of these in a lapse of judgement while working late, I endeavoured to block it, as to not fall for any more of them from that source." - Could you clarify what did you "fell" for? In what way are they phishing/honeypot if they are from withing your company, probably handled by some coworker of yours?
    – DarkCygnus
    2 hours ago






  • 1




    Move to junk or delete without a trace? There's a rather big difference. And how many of these fake emails are people sending that you're dedicating this much thought to them?
    – Lilienthal♦
    2 hours ago







  • 1




    "I feel blocking them serves to benefit myself and the company's interests (letting me just work)." - the company's clear interest is in training you to recognize and avoid phishing emails. Blocking them via a rule doesn't serve their interest, just yours.
    – Joe Strazzere
    1 hour ago










  • @JoeStrazzere yeah I think a lack of awareness in the organisation / with the OP is the big issue here
    – Matthew E Cornish
    1 hour ago










  • @DarkCygnus Updated question, clicked link to fill out hr form from hr@mycompany'sname.com, which led me to remedial training.
    – user1821961
    1 hour ago
















up vote
1
down vote

favorite












My company sends honeypot phishing emails from within our organization in Microsoft Outlook. e.g. hr@mycompanyname.com , ithelpdesk@mycompanyname.com , etc. I fell to one of these in a lapse of judgment while working late (I clicked a link in a honeypot email, hr@mycompanyname.com asking me to fill out an HR form, which told me to do some remedial security training). Now I want to block that bad email, so as to not fall for any more of them from that source. I found that I could not block the email as it was from within my organization (it's some outlook admin setting I think).



However I may be able to set certain senders be sent to junk through the "rules" setting, as to save myself time/attention or possible falling for any more traps.



I would consider a fairly normal and reasonable reaction to phishing emails to be to block the sender and delete the email.



Would automatically sending emails from known honeypot addresses from within my company to junk automatically be a bad idea?



I feel it would be a bad idea for the company to use previous honeypot email addresses on legitimate emails for important information. I would also expect that important information can be escalated beyond email in person, or through work phone or other channels of communication (company instant messaging, company HR system, etc) The company is somewhat small ~100 people.



I know legitimate email addresses belonging to the company can be compromised and bad stuff sent through them. Thus always constant vigilance is important regardless of sender, and I'm not practicing my "security mindfulness" if I just block my known encountered honeypots, because I'm not playing the game.
However with my knowledge and due diligence of these appearing to be dedicated honeypot email addresses (never/not used for anything else), I feel blocking known dedicated honeypot email addresses serves to benefit myself and the company's interests (letting me just work).










share|improve this question























  • "Having fallen to one of these in a lapse of judgement while working late, I endeavoured to block it, as to not fall for any more of them from that source." - Could you clarify what did you "fell" for? In what way are they phishing/honeypot if they are from withing your company, probably handled by some coworker of yours?
    – DarkCygnus
    2 hours ago






  • 1




    Move to junk or delete without a trace? There's a rather big difference. And how many of these fake emails are people sending that you're dedicating this much thought to them?
    – Lilienthal♦
    2 hours ago







  • 1




    "I feel blocking them serves to benefit myself and the company's interests (letting me just work)." - the company's clear interest is in training you to recognize and avoid phishing emails. Blocking them via a rule doesn't serve their interest, just yours.
    – Joe Strazzere
    1 hour ago










  • @JoeStrazzere yeah I think a lack of awareness in the organisation / with the OP is the big issue here
    – Matthew E Cornish
    1 hour ago










  • @DarkCygnus Updated question, clicked link to fill out hr form from hr@mycompany'sname.com, which led me to remedial training.
    – user1821961
    1 hour ago












up vote
1
down vote

favorite









up vote
1
down vote

favorite











My company sends honeypot phishing emails from within our organization in Microsoft Outlook. e.g. hr@mycompanyname.com , ithelpdesk@mycompanyname.com , etc. I fell to one of these in a lapse of judgment while working late (I clicked a link in a honeypot email, hr@mycompanyname.com asking me to fill out an HR form, which told me to do some remedial security training). Now I want to block that bad email, so as to not fall for any more of them from that source. I found that I could not block the email as it was from within my organization (it's some outlook admin setting I think).



However I may be able to set certain senders be sent to junk through the "rules" setting, as to save myself time/attention or possible falling for any more traps.



I would consider a fairly normal and reasonable reaction to phishing emails to be to block the sender and delete the email.



Would automatically sending emails from known honeypot addresses from within my company to junk automatically be a bad idea?



I feel it would be a bad idea for the company to use previous honeypot email addresses on legitimate emails for important information. I would also expect that important information can be escalated beyond email in person, or through work phone or other channels of communication (company instant messaging, company HR system, etc) The company is somewhat small ~100 people.



I know legitimate email addresses belonging to the company can be compromised and bad stuff sent through them. Thus always constant vigilance is important regardless of sender, and I'm not practicing my "security mindfulness" if I just block my known encountered honeypots, because I'm not playing the game.
However with my knowledge and due diligence of these appearing to be dedicated honeypot email addresses (never/not used for anything else), I feel blocking known dedicated honeypot email addresses serves to benefit myself and the company's interests (letting me just work).










share|improve this question















My company sends honeypot phishing emails from within our organization in Microsoft Outlook. e.g. hr@mycompanyname.com , ithelpdesk@mycompanyname.com , etc. I fell to one of these in a lapse of judgment while working late (I clicked a link in a honeypot email, hr@mycompanyname.com asking me to fill out an HR form, which told me to do some remedial security training). Now I want to block that bad email, so as to not fall for any more of them from that source. I found that I could not block the email as it was from within my organization (it's some outlook admin setting I think).



However I may be able to set certain senders be sent to junk through the "rules" setting, as to save myself time/attention or possible falling for any more traps.



I would consider a fairly normal and reasonable reaction to phishing emails to be to block the sender and delete the email.



Would automatically sending emails from known honeypot addresses from within my company to junk automatically be a bad idea?



I feel it would be a bad idea for the company to use previous honeypot email addresses on legitimate emails for important information. I would also expect that important information can be escalated beyond email in person, or through work phone or other channels of communication (company instant messaging, company HR system, etc) The company is somewhat small ~100 people.



I know legitimate email addresses belonging to the company can be compromised and bad stuff sent through them. Thus always constant vigilance is important regardless of sender, and I'm not practicing my "security mindfulness" if I just block my known encountered honeypots, because I'm not playing the game.
However with my knowledge and due diligence of these appearing to be dedicated honeypot email addresses (never/not used for anything else), I feel blocking known dedicated honeypot email addresses serves to benefit myself and the company's interests (letting me just work).







email security






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 1 min ago









Kate Gregory

105k40232335




105k40232335










asked 2 hours ago









user1821961

18617




18617











  • "Having fallen to one of these in a lapse of judgement while working late, I endeavoured to block it, as to not fall for any more of them from that source." - Could you clarify what did you "fell" for? In what way are they phishing/honeypot if they are from withing your company, probably handled by some coworker of yours?
    – DarkCygnus
    2 hours ago






  • 1




    Move to junk or delete without a trace? There's a rather big difference. And how many of these fake emails are people sending that you're dedicating this much thought to them?
    – Lilienthal♦
    2 hours ago







  • 1




    "I feel blocking them serves to benefit myself and the company's interests (letting me just work)." - the company's clear interest is in training you to recognize and avoid phishing emails. Blocking them via a rule doesn't serve their interest, just yours.
    – Joe Strazzere
    1 hour ago










  • @JoeStrazzere yeah I think a lack of awareness in the organisation / with the OP is the big issue here
    – Matthew E Cornish
    1 hour ago










  • @DarkCygnus Updated question, clicked link to fill out hr form from hr@mycompany'sname.com, which led me to remedial training.
    – user1821961
    1 hour ago
















  • "Having fallen to one of these in a lapse of judgement while working late, I endeavoured to block it, as to not fall for any more of them from that source." - Could you clarify what did you "fell" for? In what way are they phishing/honeypot if they are from withing your company, probably handled by some coworker of yours?
    – DarkCygnus
    2 hours ago






  • 1




    Move to junk or delete without a trace? There's a rather big difference. And how many of these fake emails are people sending that you're dedicating this much thought to them?
    – Lilienthal♦
    2 hours ago







  • 1




    "I feel blocking them serves to benefit myself and the company's interests (letting me just work)." - the company's clear interest is in training you to recognize and avoid phishing emails. Blocking them via a rule doesn't serve their interest, just yours.
    – Joe Strazzere
    1 hour ago










  • @JoeStrazzere yeah I think a lack of awareness in the organisation / with the OP is the big issue here
    – Matthew E Cornish
    1 hour ago










  • @DarkCygnus Updated question, clicked link to fill out hr form from hr@mycompany'sname.com, which led me to remedial training.
    – user1821961
    1 hour ago















"Having fallen to one of these in a lapse of judgement while working late, I endeavoured to block it, as to not fall for any more of them from that source." - Could you clarify what did you "fell" for? In what way are they phishing/honeypot if they are from withing your company, probably handled by some coworker of yours?
– DarkCygnus
2 hours ago




"Having fallen to one of these in a lapse of judgement while working late, I endeavoured to block it, as to not fall for any more of them from that source." - Could you clarify what did you "fell" for? In what way are they phishing/honeypot if they are from withing your company, probably handled by some coworker of yours?
– DarkCygnus
2 hours ago




1




1




Move to junk or delete without a trace? There's a rather big difference. And how many of these fake emails are people sending that you're dedicating this much thought to them?
– Lilienthal♦
2 hours ago





Move to junk or delete without a trace? There's a rather big difference. And how many of these fake emails are people sending that you're dedicating this much thought to them?
– Lilienthal♦
2 hours ago





1




1




"I feel blocking them serves to benefit myself and the company's interests (letting me just work)." - the company's clear interest is in training you to recognize and avoid phishing emails. Blocking them via a rule doesn't serve their interest, just yours.
– Joe Strazzere
1 hour ago




"I feel blocking them serves to benefit myself and the company's interests (letting me just work)." - the company's clear interest is in training you to recognize and avoid phishing emails. Blocking them via a rule doesn't serve their interest, just yours.
– Joe Strazzere
1 hour ago












@JoeStrazzere yeah I think a lack of awareness in the organisation / with the OP is the big issue here
– Matthew E Cornish
1 hour ago




@JoeStrazzere yeah I think a lack of awareness in the organisation / with the OP is the big issue here
– Matthew E Cornish
1 hour ago












@DarkCygnus Updated question, clicked link to fill out hr form from hr@mycompany'sname.com, which led me to remedial training.
– user1821961
1 hour ago




@DarkCygnus Updated question, clicked link to fill out hr form from hr@mycompany'sname.com, which led me to remedial training.
– user1821961
1 hour ago










2 Answers
2






active

oldest

votes

















up vote
5
down vote














Would automatically sending emails from known honeypot addresses from within my company to junk automatically be a bad idea?




I don't think it's a good idea...



First, one should not have to block emails coming from your own company, as you never know when one will have relevant or important information that needs your attention. If you start blocking company emails, you may miss one that could be important and get you in trouble.



Now, with all due respect, I think you are missing the point here... you say you "fell" for a security test/check coming from your HR email, by attempting to fill forms online or doing some insecure action, and thus gave you some security training...



Blocking this email will not solve the core problem, as it will not help you learn from this nor undo the (simulated) threat you opened and fell for. This is why taking this approach would be ineffective, at best, or even result in you missing relevant information coming from within your company.



The best you can do is to learn from all this situation. Try to be more aware of the emails you get, both from your company and from outside, so you can avoid falling into simulated or real traps seeking to compromise your information. Fortunately for you this time it was simulated...






share|improve this answer



























    up vote
    0
    down vote













    Nearly every company has this scheme set up. Where they send fake phishing emails then see how many clicks on links or attachments. These generally take you to a training page or flag your manager.



    With that said at my company I simply forward it as an attachment to the spam account. It's actually favorable behavior by the company. I even send them emails from high CEO who sends me a survey monkey link which I consider junk as well. It doesn't sound like bad behavior to me, and should be considered good behavior to block known aliases of things you know are spam. I would take it a step further and email every single one of them to the spam account your company has if they set one up.



    Edit: After re-reading your question I realize you may have clicked on a spam email. You should go ahead and do the training to comply then in the future, forward such emails to the spam alias for investigation as well as deleting it/report to spam. You shouldn't treat it as a big deal and simply learn from it. Never click on links in emails and never open attachments.






    share|improve this answer




















      Your Answer







      StackExchange.ready(function()
      var channelOptions =
      tags: "".split(" "),
      id: "423"
      ;
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function()
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled)
      StackExchange.using("snippets", function()
      createEditor();
      );

      else
      createEditor();

      );

      function createEditor()
      StackExchange.prepareEditor(
      heartbeatType: 'answer',
      convertImagesToLinks: false,
      noModals: false,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: null,
      bindNavPrevention: true,
      postfix: "",
      noCode: true, onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      );



      );













       

      draft saved


      draft discarded


















      StackExchange.ready(
      function ()
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fworkplace.stackexchange.com%2fquestions%2f120137%2fmy-company-sends-honeypot-phishing-email-should-i-automatically-junk-them%23new-answer', 'question_page');

      );

      Post as a guest






























      2 Answers
      2






      active

      oldest

      votes








      2 Answers
      2






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes








      up vote
      5
      down vote














      Would automatically sending emails from known honeypot addresses from within my company to junk automatically be a bad idea?




      I don't think it's a good idea...



      First, one should not have to block emails coming from your own company, as you never know when one will have relevant or important information that needs your attention. If you start blocking company emails, you may miss one that could be important and get you in trouble.



      Now, with all due respect, I think you are missing the point here... you say you "fell" for a security test/check coming from your HR email, by attempting to fill forms online or doing some insecure action, and thus gave you some security training...



      Blocking this email will not solve the core problem, as it will not help you learn from this nor undo the (simulated) threat you opened and fell for. This is why taking this approach would be ineffective, at best, or even result in you missing relevant information coming from within your company.



      The best you can do is to learn from all this situation. Try to be more aware of the emails you get, both from your company and from outside, so you can avoid falling into simulated or real traps seeking to compromise your information. Fortunately for you this time it was simulated...






      share|improve this answer
























        up vote
        5
        down vote














        Would automatically sending emails from known honeypot addresses from within my company to junk automatically be a bad idea?




        I don't think it's a good idea...



        First, one should not have to block emails coming from your own company, as you never know when one will have relevant or important information that needs your attention. If you start blocking company emails, you may miss one that could be important and get you in trouble.



        Now, with all due respect, I think you are missing the point here... you say you "fell" for a security test/check coming from your HR email, by attempting to fill forms online or doing some insecure action, and thus gave you some security training...



        Blocking this email will not solve the core problem, as it will not help you learn from this nor undo the (simulated) threat you opened and fell for. This is why taking this approach would be ineffective, at best, or even result in you missing relevant information coming from within your company.



        The best you can do is to learn from all this situation. Try to be more aware of the emails you get, both from your company and from outside, so you can avoid falling into simulated or real traps seeking to compromise your information. Fortunately for you this time it was simulated...






        share|improve this answer






















          up vote
          5
          down vote










          up vote
          5
          down vote










          Would automatically sending emails from known honeypot addresses from within my company to junk automatically be a bad idea?




          I don't think it's a good idea...



          First, one should not have to block emails coming from your own company, as you never know when one will have relevant or important information that needs your attention. If you start blocking company emails, you may miss one that could be important and get you in trouble.



          Now, with all due respect, I think you are missing the point here... you say you "fell" for a security test/check coming from your HR email, by attempting to fill forms online or doing some insecure action, and thus gave you some security training...



          Blocking this email will not solve the core problem, as it will not help you learn from this nor undo the (simulated) threat you opened and fell for. This is why taking this approach would be ineffective, at best, or even result in you missing relevant information coming from within your company.



          The best you can do is to learn from all this situation. Try to be more aware of the emails you get, both from your company and from outside, so you can avoid falling into simulated or real traps seeking to compromise your information. Fortunately for you this time it was simulated...






          share|improve this answer













          Would automatically sending emails from known honeypot addresses from within my company to junk automatically be a bad idea?




          I don't think it's a good idea...



          First, one should not have to block emails coming from your own company, as you never know when one will have relevant or important information that needs your attention. If you start blocking company emails, you may miss one that could be important and get you in trouble.



          Now, with all due respect, I think you are missing the point here... you say you "fell" for a security test/check coming from your HR email, by attempting to fill forms online or doing some insecure action, and thus gave you some security training...



          Blocking this email will not solve the core problem, as it will not help you learn from this nor undo the (simulated) threat you opened and fell for. This is why taking this approach would be ineffective, at best, or even result in you missing relevant information coming from within your company.



          The best you can do is to learn from all this situation. Try to be more aware of the emails you get, both from your company and from outside, so you can avoid falling into simulated or real traps seeking to compromise your information. Fortunately for you this time it was simulated...







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered 1 hour ago









          DarkCygnus

          29.4k1354127




          29.4k1354127






















              up vote
              0
              down vote













              Nearly every company has this scheme set up. Where they send fake phishing emails then see how many clicks on links or attachments. These generally take you to a training page or flag your manager.



              With that said at my company I simply forward it as an attachment to the spam account. It's actually favorable behavior by the company. I even send them emails from high CEO who sends me a survey monkey link which I consider junk as well. It doesn't sound like bad behavior to me, and should be considered good behavior to block known aliases of things you know are spam. I would take it a step further and email every single one of them to the spam account your company has if they set one up.



              Edit: After re-reading your question I realize you may have clicked on a spam email. You should go ahead and do the training to comply then in the future, forward such emails to the spam alias for investigation as well as deleting it/report to spam. You shouldn't treat it as a big deal and simply learn from it. Never click on links in emails and never open attachments.






              share|improve this answer
























                up vote
                0
                down vote













                Nearly every company has this scheme set up. Where they send fake phishing emails then see how many clicks on links or attachments. These generally take you to a training page or flag your manager.



                With that said at my company I simply forward it as an attachment to the spam account. It's actually favorable behavior by the company. I even send them emails from high CEO who sends me a survey monkey link which I consider junk as well. It doesn't sound like bad behavior to me, and should be considered good behavior to block known aliases of things you know are spam. I would take it a step further and email every single one of them to the spam account your company has if they set one up.



                Edit: After re-reading your question I realize you may have clicked on a spam email. You should go ahead and do the training to comply then in the future, forward such emails to the spam alias for investigation as well as deleting it/report to spam. You shouldn't treat it as a big deal and simply learn from it. Never click on links in emails and never open attachments.






                share|improve this answer






















                  up vote
                  0
                  down vote










                  up vote
                  0
                  down vote









                  Nearly every company has this scheme set up. Where they send fake phishing emails then see how many clicks on links or attachments. These generally take you to a training page or flag your manager.



                  With that said at my company I simply forward it as an attachment to the spam account. It's actually favorable behavior by the company. I even send them emails from high CEO who sends me a survey monkey link which I consider junk as well. It doesn't sound like bad behavior to me, and should be considered good behavior to block known aliases of things you know are spam. I would take it a step further and email every single one of them to the spam account your company has if they set one up.



                  Edit: After re-reading your question I realize you may have clicked on a spam email. You should go ahead and do the training to comply then in the future, forward such emails to the spam alias for investigation as well as deleting it/report to spam. You shouldn't treat it as a big deal and simply learn from it. Never click on links in emails and never open attachments.






                  share|improve this answer












                  Nearly every company has this scheme set up. Where they send fake phishing emails then see how many clicks on links or attachments. These generally take you to a training page or flag your manager.



                  With that said at my company I simply forward it as an attachment to the spam account. It's actually favorable behavior by the company. I even send them emails from high CEO who sends me a survey monkey link which I consider junk as well. It doesn't sound like bad behavior to me, and should be considered good behavior to block known aliases of things you know are spam. I would take it a step further and email every single one of them to the spam account your company has if they set one up.



                  Edit: After re-reading your question I realize you may have clicked on a spam email. You should go ahead and do the training to comply then in the future, forward such emails to the spam alias for investigation as well as deleting it/report to spam. You shouldn't treat it as a big deal and simply learn from it. Never click on links in emails and never open attachments.







                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered 52 mins ago









                  Dan

                  4,2541820




                  4,2541820



























                       

                      draft saved


                      draft discarded















































                       


                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function ()
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fworkplace.stackexchange.com%2fquestions%2f120137%2fmy-company-sends-honeypot-phishing-email-should-i-automatically-junk-them%23new-answer', 'question_page');

                      );

                      Post as a guest













































































                      Comments

                      Popular posts from this blog

                      What does second last employer means? [closed]

                      Installing NextGIS Connect into QGIS 3?

                      One-line joke