National IT team for this pilot fish’s organization sends out an urgent security alert to forward to all local users — with a message attached.
“The message was a phishing spam,” says fish. “And a poorly disguised one at that, full of misspellings in its instructions to follow a link and fill in a form to reactivate e-mail.
“But the alert message contained the live link, and there was no way I was going to send this to my users. So I waited to see what developed.”
A few moments later, fish’s regional manager forwards the same message, with the same live link, and instructs everyone on the mailing list to warn their local users.