If you’ve recently received an email–not sent by your kooky aunt–with the subject line “Check out these kitties! :-),” you may have been the victim of a fake cyberattack. The Wall Street Journal reports that companies are hiring “ethical hackers” to build fake phishing scam emails to test which employees are dumb enough–or big enough cat lovers–to fall for them.
Users who click the link promising more cute cat pics are greeted with a gotcha warning: you’ve been the victim of a simulated cyberattack, ya dummy. If you want cute cat pics, just Google for ’em.
But the deception goes much deeper. Companies can hire firms like Trustwave Holdings, which will do everything from randomly scattering USB drives around to see if employees stick them in their computers to dressing up in disguises to dupe security. Trustwave’s Ryan Jones keeps an arsenal of costumes and frequently employs crutches to “persuade sympathetic people to open locked doors.”
He’s basically the Gene Parmesan of cybersecurity.
The moral of this story? Never trust a man with crutches asking you to “have a peek at the server room.”