That’s a good point—most folks don’t realize how sneaky phishing emails are now. What helped at my work was running short, real-world “phishing simulations.” Basically, IT would send out fake emails and see who clicked, then do a quick debrief. There’s a set of practical tips and training resources at info security that helped us roll it out. It wasn’t about shaming anyone, just making people more aware of the tricks scammers use. After a few rounds, you could see people getting more cautious and double-checking before clicking anything weird.