[RKDinOKC]

Oh boy. Started a phishing campaign the week. Sends an email that says we have had a system problem and they need to follow a link and change their password. It is randomly sending to everyone over a week. So far it has sent to 150 or half our users and 40 have clicked the link in the bogus email and tried to change their password entering their current email and password first, yeow. The email and web page for changing password does not look like anything from or in our company. The names are similar, but spelled dfferently and all the addresses including the link to change password the domain spelled different than ours. It's part of a security awareness testing I am managing.

Had a long talk with VP over IT today. Wants me implementing and managing the email security awareness training instead of our training dept. They have had a year and haven't done anything. Also wants me to start taking on the operator tasks on our AS400 (he is the only one doing it now).

VP also told me a certain woman in HR has started complaining about getting sexually explicit spam. Told him we had that problem when we first started using the Barracuda spam filter and people just forwarded the explicit emails to me and I updated the content filters. We haven't had the issue with the Exchange Online filters until this week. None of the current HR staff were here back when the Barracuda was being trained. Wonder what she will think when she is asked to forward that kind of stuff to ME to block it.