That was my original idea, although it just doesn't seem like it would have the same impact. I figure that if they actually see something happen it'll get the point across a little more effectively. Maybe I'll try the spoofed e-mail/holiday card first and if I get plenty of clicks, I'll move onto the over the top methods.
On Wed, Dec 1, 2010 at 8:11 AM, Ron Gula <[email protected]> wrote: > On 11/30/2010 8:27 PM, Brian Schultz wrote: > > I'm tired of explaining to my family the reasons for not opening e-mails > > or attachments from unknown sources and then having them forward me some > > sketchy e-mail saying "this is so funny, check it out". I'm sure there > > are plenty of you out there in the corporate world that can relate with > > your users. > > If you think it would help, sure, pen test them. However, you could be > just as effective with a spoofed email that looked authentic. Send them > a spoofed email from Walmart, Target, .etc that when they click on it, > they get a holiday message from their hacker relative. > > My father in law brought his PC to Thanksgiving dinner infected with > ThinkPoint. He's 80+ and thought that the software he got was from > Walmart. Pen testing him would not help. > > -- > Ron Gula, CEO > Tenable Network Security > http://www.tenable.com > > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
