Don't click on the doughnuts!
Usuf Middya first employee to spot a faux food phishing email.
The July phishing email test was a teaser about Puff Donuts’ new location supposedly sent from Food and Beverages. Did you click on the fake notice? Usuf Middya, a principle scientist with the Strategic Modeling Technology Department of the Petroleum Engineering and Development admin area, was observant and quick to report the email as spam.
Although highly tempting to click on the link, this email had all the hallmarks of a phishing email test, including:
• A suspicious domain (Food & Beverages <email@example.com>)
• An attractive subject (“New Coffee Corner”)
• A large, bright red external tag (“PHISHING ALERT”)
• Several misspelled words (“coffe” and “locatoins”)
• An embedded link (“Click Here”).
The top three positive performing organizations
1. Pipelines, Distribution & Terminals
2. Northern Area Oil Operations
3. Southern Area Oil Operations
The Information Security Department would like to extend its gratitude and appreciation to the top three positive performance organizations for their noticeable efforts in scoring the lowest negative behavior; along with the highest positive behavior for the July simulated Phishing Email Test. Such efforts reflect positively on Aramco cybersecurity user behavior and elevates the resilience of Aramco’s core business.