Trending

‘My company once sent a phishing attempt that told everyone is laid off’: Company pretends to send worker $25 Starbucks card as ‘phishing test’

‘Silly me, it was a phishing test. My company would never be that nice!’

Photo of Braden Bjella

Braden Bjella

Article Lead Image

A common way that hackers will steal information is through the use of something called a “phishing attack.”

Featured Video

While phishing can be accomplished in a variety of ways, one of the more common phishing attempts involves trying to get users to click on a malicious link.

“Once the link has been clicked, the user is directed to the malicious phishing page. This page may be designed to harvest a user’s credentials or other sensitive information under the guise of updating a password or verifying a user’s identity. Alternatively, the site may serve a ‘software update’ for the user to download and execute that is actually malware,” detailed Check Point.

As the potential for lost data is a major concern for companies, some employers will conduct phishing tests on their employees. These involve sending fake phishing links to employees and seeing if they will click on them, as TikTok user Sid (@thediscoloft) recently demonstrated in a video with over 417,000 views.

Advertisement
@thediscoloft lmao oops #dumbwaystodye #thatmademecryyy #thatmademecry #corporatelife #corporate #phishing #phishingawareness #phisingscam #phishingtest #cybersecurity #corporatetiktok #corporatehumor #corporateamerica #corporatetok #corporatemillennial #corporategirlies ♬ That Made Me Cryyy – thecincomedy

The video shows an email offering Sid a $25 Starbucks gift card.

“When you’re 99.99% sure this email from your company giving you a starbucks gift card is a phishing test but you’re willing to risk it all,” she wrote in the text overlaying the video.

After clicking the link, Sid is informed that the offer was, in fact, a phishing test.

Advertisement

“Silly me, it was a phishing test,” she added in the overlay text. “My company would never be that nice!”

In the comment section, users shared similar stories of phishing tests.

“I got sent one that was ‘click to see who failed our previous phishing test’ and I knew it was another but really wanted to see,” recalled a user.

“My company once sent a phishing attempt that told everyone is laid off and the attachment was their severance package,” claimed a second.

Advertisement

“They got me with ‘here’s some free Broadway tickets,’” shared a third.

“The company I work at did a ‘bring your dog to work day’ phishing email and it practically set the system on fire bc everyone clicked it,” recounted an additional TikToker.

Some shared advice on how to avoid phishing scams like these in the future, both practical and otherwise.

“Phishing tests are why I delete 99% of my emails from my district. Then my admin want to know why I didn’t respond,” stated a commenter.

Advertisement

“If you hover over the link it should show you the redirect to your company’s cyber security website before you click,” noted a second.

“I’ve just continued to completely ignore emails,” said a further user.

The Daily Dot reached out to Sid via email.

Advertisement
web_crawlr
We crawl the web so you don’t have to.
Sign up for the Daily Dot newsletter to get the best and worst of the internet in your inbox every day.
Sign up now for free
 
The Daily Dot