Hacker News new | past | comments | ask | show | jobs | submit login
Telling users to ‘avoid clicking bad links’ still isn’t working (ncsc.gov.uk)
4 points by giuliomagnifico on Feb 23, 2023 | hide | past | favorite | 1 comment



What we found in a former org that worked well was to

- Front-end all emails with Proofpoint to modify all URL's to use their redirector which logged who clicked on what links and could also sanitize known malicious links or quarantine emails that were above a particular score. It would be wonderful if there were an open source alternative to this.

- Reward teams for reporting phishing emails as phishing, some of which were fake/test phishing and many were real. The security operations center would reach out to people that clicked dodgy links and sometimes even preemptively quarantine their laptop if it started to exhibit malicious behavior.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: