My company sends honeypot phishing email; should I automatically junk them?

My company sends honeypot phishing emails from within our organization in Microsoft Outlook, e.g. hr@mycompanyname.com, ithelpdesk@mycompanyname.com, etc. I fell for one of these in a lapse of judgment while working late (I clicked a link in a honeypot email, hr@mycompanyname.com asking me to fill out an HR form, which told me to do some remedial security training). Now I want to block that bad email, so as to not fall for any more of them from that source. I found that I could not block the email as it was from within my organization (it's some Outlook admin setting, I think).



However, I may be able to set certain senders to be sent to junk through the "rules" setting, so as to save myself time/attention or possibly falling for any more traps.



I would consider a fairly normal and reasonable reaction to phishing emails to be to block the sender and delete the email.



Would automatically sending emails from known honeypot addresses from within my company to junk automatically be a bad idea?



I feel it would be a bad idea for the company to use previous honeypot email addresses on legitimate emails for important information. I would also expect that important information can be escalated beyond email in person, or through work phone or other channels of communication (company instant messaging, company HR system, etc.). The company is somewhat small, ~100 people.



I know legitimate email addresses belonging to the company can be compromised and bad stuff sent through them. Thus always constant vigilance is important regardless of sender, and I'm not practicing my "security mindfulness" if I just block my known encountered honeypots, because I'm not playing the game.
However with my knowledge and due diligence of these appearing to be dedicated honeypot email addresses (never/not used for anything else), I feel blocking known dedicated honeypot email addresses serves to benefit myself and the company's interests (letting me just work).







email security






edited 1 min ago
Kate Gregory

asked 2 hours ago
user1821961











  • "Having fallen to one of these in a lapse of judgement while working late, I endeavoured to block it, as to not fall for any more of them from that source." - Could you clarify what you "fell" for? In what way are they phishing/honeypot if they are from within your company, probably handled by some coworker of yours?
    – DarkCygnus
    2 hours ago






  • Move to junk or delete without a trace? There's a rather big difference. And how many of these fake emails are people sending that you're dedicating this much thought to them?
    – Lilienthal♦
    2 hours ago







  • "I feel blocking them serves to benefit myself and the company's interests (letting me just work)." - the company's clear interest is in training you to recognize and avoid phishing emails. Blocking them via a rule doesn't serve their interest, just yours.
    – Joe Strazzere
    1 hour ago










  • @JoeStrazzere yeah I think a lack of awareness in the organisation / with the OP is the big issue here
    – Matthew E Cornish
    1 hour ago










  • @DarkCygnus Updated question, clicked link to fill out hr form from hr@mycompany'sname.com, which led me to remedial training.
    – user1821961
    1 hour ago
















2 Answers
Would automatically sending emails from known honeypot addresses from within my company to junk automatically be a bad idea?

I don't think it's a good idea...

First, one should not have to block emails coming from your own company, as you never know when one will have relevant or important information that needs your attention. If you start blocking company emails, you may miss one that could be important and get you in trouble.

Now, with all due respect, I think you are missing the point here... you say you "fell" for a security test/check coming from your HR email, by attempting to fill forms online or doing some insecure action, and thus were given some security training...

Blocking this email will not solve the core problem, as it will not help you learn from this nor undo the (simulated) threat you opened and fell for. This is why taking this approach would be ineffective, at best, or even result in you missing relevant information coming from within your company.

The best you can do is to learn from this whole situation. Try to be more aware of the emails you get, both from your company and from outside, so you can avoid falling into simulated or real traps seeking to compromise your information. Fortunately for you, this time it was simulated...







answered 1 hour ago
DarkCygnus






















Nearly every company has this scheme set up, where they send fake phishing emails and then see how many people click on links or attachments. These generally take you to a training page or flag your manager.

With that said, at my company I simply forward it as an attachment to the spam account. It's actually favorable behavior by the company. I even send them emails from high CEO who sends me a SurveyMonkey link, which I consider junk as well. It doesn't sound like bad behavior to me, and it should be considered good behavior to block known aliases of things you know are spam. I would take it a step further and email every single one of them to the spam account your company has, if they set one up.

Edit: After re-reading your question I realize you may have clicked on a spam email. You should go ahead and do the training to comply, then in the future forward such emails to the spam alias for investigation as well as deleting them/reporting them to spam. You shouldn't treat it as a big deal and simply learn from it. Never click on links in emails and never open attachments.







answered 52 mins ago
Dan



























                       
