Let’s Catch A Phish

Don't click on the doughnuts!

Usuf Middya first employee to spot a faux food phishing email.

Don't click on the doughnuts!

The July phishing email test was a teaser about Puff Donuts’ new location supposedly sent from Food and Beverages. Did you click on the fake notice? Usuf Middya, a principle scientist with the Strategic Modeling Technology Department of the Petroleum Engineering and Development admin area, was observant and quick to report the email as spam. 


Although highly tempting to click on the link, this email had all the hallmarks of a phishing email test, including:


• A suspicious domain (Food & Beverages <fandb@forkandtablemag.net>)

• An attractive subject (“New Coffee Corner”)

• A large, bright red external tag (“PHISHING ALERT”)

• Several misspelled words (“coffe” and “locatoins”)

• An embedded link (“Click Here”).


The top three positive performing organizations

1. Pipelines, Distribution & Terminals

2. Northern Area Oil Operations

3. Southern Area Oil Operations


Thank you

The Information Security Department would like to extend its gratitude and appreciation to the top three positive performance organizations for their noticeable efforts in scoring the lowest negative behavior; along with the highest positive behavior for the July simulated Phishing Email Test. Such efforts reflect positively on Aramco cybersecurity user behavior and elevates the resilience of Aramco’s core business.


You are currently using an older browser. Please note that using a more modern browser such as Microsoft Edge might improve the user experience. Download Microsoft Edge