It’s all very scrooge…
Roll on Friday
Baker McKenzie has used the Christmas Spirit to test its staff’s resistance to hackers, promising them vouchers which turned out to be bait.
Staff at the global firm’s London office received an email from “Baker HR” thanking them for all their hard work this year and inviting them to click the link to redeem a voucher by way of thanks.
But instead of getting credit to spend on wintery treats, they were taken to a “festive warning” which explained they had fallen for a phishing scam, and should not click on suspicious links.
“Merry Christmas one and all!” said a source of the bait-and-switch.
Phishing drills won’t work unless they’re sufficiently convincing and tempting, and the results of a genuine intrusion can be expensive (ask A&O Shearman). Unfortunately, however necessary they are, delighting people with something nice only to reveal it’s a trick and they’ve been foolish does seem to rub them up the wrong way.
There was “incredulity” at Knights last year when lawyers received emails awarding them pay rises which turned out to be a scamming exercise. Knights staff said it went down “like a lead balloon”. At Bakers it was more like a Christmas pud.
A spokesperson for Baker McKenzie told RollOnFriday, “Like those of many other firms across professional services, our IT security teams regularly test our systems through mock ‘spam’ emails and other means to ensure best practice and security of systems. Many phishing attempts around this time of year are based on a similar scenario to this, which is what prompted this email”.
https://www.rollonfriday.com/news-content/baker-mckenzie-fools-staff-fake-christmas-vouchers
