Contact us today!
866-348-2602

Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

How Not to Teach Your Team About Phishing, Courtesy of GoDaddy

How Not to Teach Your Team About Phishing, Courtesy of GoDaddy

GoDaddy—the domain registrar and web-hosting company once famed for its risqué advertisements—is facing some significant backlash for a much different reason. On December 14th, GoDaddy’s employees received an email that appeared to be from the company, promising a holiday bonus. However, while the email was from the company as it appeared to be, it was actually a phishing test that the hosting provider decided to run.

Let’s consider the situation:

GoDaddy’s Phishing Message:

When they checked their email on December 14th, GoDaddy’s employees found an email waiting for them in their inboxes, sent from “Happyholiday@Godaddy-dot-com”. Upon opening it, they found the following message, under a large picture of a snowflake emblazoned with the company’s name and “Holiday Party.” Get ready, it’s a doozy:

---

Happy Holiday GoDaddy!

2020 has been a record year for GoDaddy, thanks to you!

Though we cannot celebrate together during our annual Holiday Party, we want to show our appreciation and share a $650 one-time Holiday bonus! To ensure that you receive your one-time Bonus in time for the Holidays, please select your location and fill in the details by Friday, December 18th.

US

EMEA

Any submittals after the cutoff will not be accepted and you will not receive the one-time bonus of $650 (free money, claim it now!)

We look forward to celebrating with you again, in person next year!

---

However, no bonus reportedly awaited the approximately 500 employees who excitedly clicked through the links. Instead, they received an email from the company’s security chief two days later, informing them that they had failed the phishing test and would therefore need to retake the company’s Security Awareness Social Engineering training.

As you can imagine, this did not sit well for many of these employees… especially considering that the “record year” GoDaddy experienced came only after hundreds of employees were either reassigned or laid off entirely. Combining that with the fact that a data breach ultimately exposed 28,000 of GoDaddy customers’ credentials earlier this year, and the comments seem especially ill-advised.

GoDaddy has since released an apology for their mean-spirited bait-and-switch phishing test, releasing a statement. According to a spokesperson, “GoDaddy takes the security of our platform extremely seriously. We understand some employees were upset by the phishing attempt and felt it was insensitive, for which we have apologized.” While the company felt that the lesson was an important one to impart to their team members, there has been some acknowledgement that this was an insensitive means of doing so.

GoDaddy Isn’t the Only Company to Do This

Other companies and organizations have used similar tactics as they have worked to evaluate their internal phishing preparedness. One example came in September, when Tribune Publishing sent out a company email trying to phish employees with the promise of a targeted bonus ranging somewhere between $5,000 and $10,000. The Tribune’s attempt was also derided by the employees affected by it, one reporter tweeting that the level of cruelty was “stunning.” That company also apologized for its use of a “misleading and insensitive” email.

However, Phishing Can’t Just Be Ignored

While these companies certainly took the wrong approach to educating their users, the point still stands that phishing is a very serious risk for businesses today to contend with.

Instead of taking this approach, there are other ways to help educate your team, through seminars or even other internal evaluations. The primary issue really came from the fact that GoDaddy took advantage of a monetary promise to their employees during a time when many people are already financially strapped, with seemingly no intention of giving them this bonus.

Obviously, this is a situation that nobody wants to find their organization in, just as nobody wants their organization to be phished. However, with Total Tech Care, there are ways to prevent the latter. Give our team a call at 866-348-2602 to learn more about how we can help you fight back against phishing, without alienating your employees.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 25 December 2024
If you'd like to register, please fill in the username, password and name fields.

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation
       

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Cloud Privacy Hackers Productivity Hosted Solutions Software Efficiency Google Business Network Security Internet Microsoft Email Malware Backup Workplace Tips Innovation User Tips Data Computer Mobile Devices IT Services Hardware Android VoIP Disaster Recovery communications Smartphones Communication IT Support Business Continuity Miscellaneous Smartphone Mobile Device Browser Small Business Network Collaboration Productivity Cybersecurity Quick Tips Users Business Management Phishing Managed IT Services Windows Upgrade Data Backup Outsourced IT Ransomware Windows 10 Cloud Computing Office Data Recovery Server Save Money Passwords Windows 10 Chrome Gadgets Virtualization Tech Term Social Media Saving Money Holiday Microsoft Office Managed Service Automation Managed IT Services Operating System Artificial Intelligence Facebook Computers Cybercrime Internet of Things Hacking Wi-Fi BYOD Mobile Device Management Health Networking IT Support Remote Information Office 365 Alert Telephone Systems Information Technology Covid-19 Managed Service Provider Spam Social Engineering Mobility Recovery Employer-Employee Relationship Bandwidth Router BDR Big Data App History Password Money Mobile Computing Data Breach Encryption Application Human Resources Applications Remote Monitoring Law Enforcement Private Cloud Managed IT Data Storage Patch Management Office Tips Training Apps VPN Remote Computing Government Blockchain How To Mobile Office Paperless Office Infrastructure Voice over Internet Protocol Flexibility Vulnerability Bring Your Own Device Data Management Wireless Work/Life Balance Windows 7 Marketing Word WiFi Gmail IT solutions Entertainment Servers Website Settings Budget Google Drive Two-factor Authentication Data Security Mouse Avoiding Downtime HaaS Meetings Machine Learning Connectivity Remote Work Save Time Risk Management Hacker Conferencing Vendor Managed Services Cleaning Scam Display The Internet of Things Lithium-ion battery End of Support Vendor Management Employee/Employer Relationship Data Protection USB Physical Security Education RMM Firewall Safety HIPAA Sports Redundancy Virtual Reality Apple Keyboard Social User Error Staff Software as a Service Telephone System Net Neutrality Workplace Strategy Document Management Wearable Technology Help Desk Retail Hard Drives Update Solid State Drive Wireless Technology Hiring/Firing Printing Downtime Instant Messaging How to Excel Robot Google Docs Virus Data storage Biometrics Identity Theft Automobile Managed Services Provider Unified Threat Management Virtual Desktop Computer Accessories Database Business Intelligence Computing Infrastructure DDoS Audit Remote Workers Going Green Worker Augmented Reality IT Management SharePoint Fraud Processor Remote Worker Botnet Printer Bluetooth IT Plan Battery Hard Drive Shadow IT Cryptocurrency Customer Service Environment Legal Unsupported Software Fax Server Internet Exlporer Charger Comparison Computing IT Consultant CES PDF SaaS Compliance Computer Care OneNote Humor Current Events Content Management Telephony Proactive IT Business Technology Samsung Digital Signage Network Congestion Access Control Best Practice eWaste YouTube Virtual Assistant Black Market Value Authentication Spam Blocking Procurement Electronic Medical Records Social Network Loyalty Project Management Nanotechnology Cost Management Telecommuting Search WIndows 7 Screen Mirroring Frequently Asked Questions iPhone Investment Books Social Networking Cortana Digital Signature Mobile Employees Windows 10s Employee/Employer Relationships Warranty ISP Windows 365 Cast Tip of the week Video Conferencing Files webinar ROI Running Cable Emergency HVAC Google Apps Shortcuts Analysis Memory Professional Services Sales Public Cloud Bitcoin Chromecast Employer Employee Relationship Personal PowerPoint Assessment Administrator Cryptomining Windows Media Player Devices Point of Sale User Windows Server 2008 Supply Chain Management Colocation Uninterrupted Power Supply Enterprise Content Management Accountants Tools Monitoring Batteries MSP Digitize Monitor Television Microchip Thought Leadership Credit Cards Windows 8.1 Managing Stress Science Windows Server 2008 R2 Password Management Password Manager Multi-Factor Security Customer relationships Cameras IT Assessment Reputation Public Computer Search Engine Manufacturing Streaming Media Twitter Email Best Practices Content Regulations Tech Support Distributed Denial of Service Transportation NIST Customer Relationship Management Business Mangement Rootkit Security Cameras Smart Tech Analyitcs Trending Computer Tips Techology Computer Fan Managed IT Service Laptop OneDrive Customers Biometric Security Addiction Programming Amazon Virtual CIO Recycling Audiobook Peripheral Workers Benefits Printer Server Wiring Practices Digital Security Cameras FENG Using Data Touchpad Copiers IBM 5G Antivirus Cache Amazon Web Services Criminal Windows 8 Politics Flash Quick Tip Advertising Smart Technology Safe Mode GDPR Smartwatch IT service Hosted Computing Ergonomics Software Tips Development Supercomputer OLED Notifications Wireless Internet Online Shopping Tablet Sync PCI DSS Emails Virtual Machine File Sharing Camera Employee Domains Inventory Specifications 2FA Fiber Optics Messaging Relocation Cabling Wire Evernote Maintenance Travel Policy Netflix Hypervisor IaaS Two Factor Authentication Printers Bloatware Millennials Dark mode Video Games Root Cause Analysis Trend Micro Worker Commute HBO SMS Knowledge Default App Music Smart Office Wireless Charging Tablets Experience Skype Procedure Consultant Saving Time Shopping Analytics Virtual Private Network Google Search Entrepreneur Workforce dark theme Scalability Data loss Business Owner Outlook AI Leadership IT Infrastructure Troubleshooting Cables Bing Shortcut Start Menu FinTech Best Available NarrowBand

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...
      QR-Code