this post was submitted on 23 Oct 2025
        
      
      1138 points (99.4% liked)
      Programmer Humor
we do monthly phishing tests and some of our people are so bad that we put in the test email "this is a phishing email, do not click sign in" above and below the sign in box and they still give creds
"Blah blah blah... 'click sign in'... Okay, gotcha!"
Some hackers exploited two factor authentication recently by playing on this exact impulse.
Sent a message that looked identical to the two-factor notice and got people to reflexively turn over their private keys.
seccomp sent pre-notice emails out about the phishing tests that were coming.
75% of the company reported the pre-notice email as phishing (even the CEO).
we did it mostly because the seccomp team was a huge thorn and caused so many unnecessary delays due to them injecting themselves into every single process.
the CSO quit soon after and some of their lackeys with them. we then hired a competent leader that worked with the org to meet compliance and regulatory requirements instead of being a blocker.
People see the word "phishing" and automatically remember that phishing mails exist, so their first reaction is to report them, not read them.
Had to set up a fake phishing system as well.
Before the training was set up, people rarely reported mails. But the moment we sent out mails about the phishing training, a ton of those got reported.
If phishing mails actually told you they were phishing, we wouldn't need training.
Sometimes just clicking is counted as a fail.
I click on phishing links just to see how bad the websites are
Yes yes I know about 0days but they're rare
It is considered a fail, and then inputting passwords in the form is a super fail.
yea but I find that annoying