Phishing Drill

This morning I was looking at my work email in Good, and saw I had a ‘package undeliverable’ email.   Since I dont use my work email address with any deliveries I figured this was phishing.   Because the address is less than a year old, I sighed that my address was already known to spammers and scammers.   When I got to my desk, I took a look at the mail headers just to verify it had slipped past MessageLabs (Symantec.cloud), so I could submit it as a false negative.

The mail headers revealed a ‘phishme’ mail server.   This indicates it is a phishing drill rather than an actual phish. I almost want to click on the link in the message to see what the education message looks like.   Better not so I dont end up on any ‘bad’ list.   I’ve been on the other end of that, looking at the list of people who took the bait and shaking my head.