GoDaddy concluded that December would be a good time to test whether its employees remain vigilant when it comes to cybersecurity threats. At a time when its employees are trying to manage a holiday season with a pandemic and infectious disease, the web hosting giant sent a phishing email with an offer that was too good to be true and now it’s sad.
Arizona-based news center The Copper Courier it was first reported that GoDaddy staff received an email on 14 December with the subject line “GoDaddy Holiday Party. The email informed employees that the company is looking forward to the annual holiday party and will be handing out a $ 650 one-time vacation bonus. ” Two links were submitted to the email and staff were asked to select their location and fill in some details on a form to ensure they received the bonus before the holidays. Unfortunately, the whole offer was just a test to see if employees would fall for such a scam if a bad actor tried to redirect with a malicious link.
Two days later, about 500 GoDaddy employees were told that no bonuses were coming and that they had not passed a physical phishing test. GoDaddy Demetrius’ chief security officer is coming I wrote in the follow-up email that employees who fail “Social Security training must regain Security Awareness.”
Many companies do such tests and the sign is usually to say that a fake email is sent from an email address that appears to be from a corporate account, for example, perhaps that my boss will try to send me an email from an address ending in @ gizmondo.com. But GoDaddy runs its own email service and the fraudulent phishing email was sent from an account with the address, [email protected]. It’s easy to see why so many employees failed the test, and it’s easy to see why GoDaddy would see such fragility in its systems after the company just suffered embarrassment. data breach earlier this year.
What is not understandable, is the hardship involved in setting up this test and the lack of continuity that an employee expects for a normal bonus in a year when told company record growth while participating in it the largest physical movement of giving birth staff. Cybersecurity is important for a company like GoDaddy but this same test could be done, training orders could be issued to anyone who failed, and bonuses could be paid. delivery to all.
G / O Media may receive a commission
“GoDaddy takes the security of our platform very important. We understand that some employees were upset with the phishing attempt and we felt it was insensitive, and we have apologized, ”a GoDaddy spokesperson told Gizmodo . “While the test was like real efforts in play today, we need to do better and be more aware of our staff.” The company did not respond when asked by Gizmodo if it is time to the idea of awarding the bonuses.
Data breaches can be a headache for a web hosting company but no one wants to work in it and no one wants to do business with an organization that treats its employees like dirt at the moment. hardest in the hardest year in a generation, then ‘there will be nothing to keep it safe.