My company uses an outside vendor for security training that requires us to login using company credentials.
The outside security vendors also run phishing security campaigns that they send out from their own domain, and that have "phishing" URLs that point to the same domain we do the training on.
I got reported as being phished for following a link that goes to the SAME domain as our required security training. Our security compliance team got my point when I reported every required training reminder as coming from a known phishing domain.
The outside security vendors also run phishing security campaigns that they send out from their own domain, and that have "phishing" URLs that point to the same domain we do the training on.
I got reported as being phished for following a link that goes to the SAME domain as our required security training. Our security compliance team got my point when I reported every required training reminder as coming from a known phishing domain.