Posted on

Phishing Tests Are Necessary. But They Don’t Need to Be Evil.


Although phishing tests can be helpful to protect users, using questionable tactics has the potential for harming relationships between a company and its employees. The authors suggest that managers avoid this damage by employing phishing tests with three criteria: Test teams, not individuals; don’t embarrass anyone; and gamify and reward.

Last December, the website hosting company sent 500 employees an email offering a $650 holiday bonus. Unfortunately, the bonus emails were not sent in appreciation for their record year, as indicated by the email — it was a phishing test. Those who clicked the link were rewarded, not with a …

Read More