The company I work for contracts with an outside party, the folks at KnowBe4 to conduct fake phishing attempts on employess.

These annoyed me at first, but then I figured out a mail rule that would send them right to my junk mail folder. Our company, however, then moved to a different system for delivering us the fake phishing attempts, and now I can’t filter them out any more.

Usually I find phishing attempts pretty transparent – but this one almost got me:

  • It was sent at 5-something AM. I first saw it at 6-ish AM. I don’t do my best mental work at 6 AM.
  • I sure hate to be late on getting my work done.

Tapping on the message, this is what I saw first:

Microsoft Planner phishing attempt

And – yikes. Eight late assignments? Complete these in a few days?!

Luckily I was awake enough to slow my roll and think… what kind of software gives you a warning message that your manager is going to contact you?

Then I realized, uh, I’ve never touched Microsoft Planner.

So I checked the sender …

Microsoft Planner phishing attempt

The fakey domain name finally made it clear.

I’m super glad I didn’t click the link, or I would have had to go through KnowBe4’s remedial don’t-click-links-in-emails training.

Things I re-learned:

  • Don’t check my email at 6 AM. (Better yet, maybe don’t check my email?)
  • Remember to check sender addresses before clicking on links.
  • Don’t use Microsoft products, so you can laugh off common phishing attempts.