The Government of Canada - at least in the justice Depart tests its employees with fake emails.
The CBC reports
An internal survey shows almost 2,000 staff were conned into clicking on a phoney "phishing" link in their email, raising questions about the security of sensitive information. The department launched the mock scam in December as a security exercise, sending emails to 5,000 employees to test their ability to recognize cyber fraud. The emails looked like genuine communications from government or financial institutions, and contained a link to a fake website that was also made to look like the real thing.
... A February briefing note on the exercise was obtained by The Canadian Press under the Access to Information Act. The document indicates there are more such exercises planned — in June, August and October — and that the simulations will be "graduating in levels of sophistication." Those caught by the simulation are notified by a pop-up window, giving them tips on spotting malicious messages.
I think this is very smart practice and shouldn't it be government wide, not just the Justice Department? That is a great place to start though! Actually, this seems like like a great thing to do for the population. As we move toward a digital society we need a head shift about how we protect people and educate them. Some of us who have grown up more digital than others can get pretty smug; oh we don't fall for those emails! But I joke with my wife that as we get older and new strategies emerge then what will we fall for later in life? Government phishing with education behind it could be a great tool for keeping society up to speed on the latest tricks.
I like it I like it alot!
No comments:
Post a Comment