people should honestly be fired over things like that.
The entire email that was sent out had every red flag for a phishing attempt that you could possibly imagine. absolutely no information in the email that wasn't easily obtainable public information. They sent a username and password, the username was my first name, the password was "<parent-company-name>1", things like that.
yet they were all over a PO who tried to send out gift cards via amazon as a security flaw. and refused to release the emails when the PO reached out to them about it.
there's a reason I don't have much respect for "security" people.
The entire email that was sent out had every red flag for a phishing attempt that you could possibly imagine. absolutely no information in the email that wasn't easily obtainable public information. They sent a username and password, the username was my first name, the password was "<parent-company-name>1", things like that.
yet they were all over a PO who tried to send out gift cards via amazon as a security flaw. and refused to release the emails when the PO reached out to them about it.
there's a reason I don't have much respect for "security" people.