GoDaddy believes that December will be the perfect time to test whether its employees remain vigilant in the face of cybersecurity threats. While its employees were trying to get through the holiday troubled by the pandemic and the economic downturn, the web hosting giant sent a phishing email with an offer that was too high, incredible, and I am very sorry now.
The Copper Courier, Arizona news media First report GoDaddy employees received an email with the subject line “GoDaddy Holiday Party” on December 14. The email informs employees that the company is looking forward to holding an annual holiday party and will issue a “$650 one-time holiday bonus.” The email contains two links and instructs employees to choose their location and fill in some details on the form to ensure that they receive the bonus before the holiday. Unfortunately, the whole proposal is just a test to see if the employees will fall into this scam if bad actors try to redirect employees through malicious links.
Two days later, about 500 GoDaddy employees were told that no bonuses were coming and they had failed the company’s phishing test. GoDaddy’s Chief Security Officer Demetrius is here In a follow-up email, it was written that the failed employees “will need to re-attend security awareness social engineering training.”
Many companies have conducted this type of testing, and this indication indicates that deceptive emails are usually sent from an email address that appears to be from a company account. For example, my boss may try to spoof emails from that address I ended with @gizmondo.com. But GoDaddy has its own email service, and the fake phishing email is sent from an account with the address firstname.lastname@example.org.It is easy to understand why so many workers failed the test, and it is easy to understand why GoDaddy saw such obvious vulnerabilities in its system after the company suffered embarrassment. Data breach Earlier this year.
What is incomprehensible is the cruelty in the setup of the test and the lack of tracking of employees’ expectations of regular bonuses during the year reported by the company Record growth When attending Larger corporate trends Layoffs staff member. Network security is important for companies like GoDaddy, but the same tests can be conducted, failed tasks can be posted to anyone who fails, and bonuses can still be distributed to everyone.
“GoDaddy takes the security of our platform very seriously. A GoDaddy spokesperson told Gizmodo that we understand that some employees are dissatisfied with phishing attempts and consider it insensitive. We apologize for that. “Although the test imitates today’s reality Try, but we need to do better and be more sensitive to employees. When Gizmodo asked if it planned to issue bonuses, the company did not reply.
For a web hosting company, a data breach can be a huge headache, but if no one wants to work there, and no one wants to work with an organization that puts employees in the hardest time of the hardest generation of the year Treated as dirt, there is nothing that can guarantee safety.