With ruthless devotion to operational security, web hosting firm GoDaddy has duped its employees with a hoax email promising a holiday bonus – which turned out to be a ruse to teach workers about the perils of phishing scams.
The notice, obtained this week by an Arizona NBC affiliate, enticed company personnel with an offer of a one-time “holiday bonus,” only asking that they enter their personal information into a form included on the email in order to guarantee they received the Christmas cash.
“Happy Holiday GoDaddy! 2020 has been a record year for GoDaddy, thanks to you!” the deceptive email said, adding: “Though we cannot celebrate together during our annual Holiday Party, we want to show our appreciation and share a $650 one-time Holiday bonus!”
To ensure that you receive your one-time bonus in time for the Holidays, please select your location and fill in the details.
To the frustration of employees, however, the offer was too good to be true. Those who followed the email’s instructions and filled out the form were soon met with a stern warning: “You’re getting this email because you failed our recent phishing test. You will need to retake the Security Awareness Social Engineering training,”according to local Arizona outlet the Copper Courier. The follow-up message also noted that around 500 GoDaddy employees had failed the test.
Also on rt.com Two teens & 22yo charged with twitter hack that affected accounts of Bill Gates, Elon Musk and other A-listersDays after the hoax email was sent on December 14, the company held a “town hall” event for workers where some anonymously expressed anger at the “tone-deaf” scheme, the NBC affiliate reported.
The company said it had already apologized to its employees for the stunt, acknowledging that it needs "to do better and be more sensitive to our employees."
"GoDaddy takes the security of our platform extremely seriously. We understand some employees were upset by the phishing attempt and felt it was insensitive, for which we have apologized," GoDaddy told AFP in a statement late on Thursday.
The phishing ‘test’ may have been received especially poorly given that it came just months after GoDaddy CEO Aman Bhutani announced a spate of lay-offs amid the economic fallout of Covid-19 and related government shutdown policies, which have ravaged much of the US, and indeed global, economy.
While GoDaddy has fallen victim to far-reaching phishing attacks previously, with Forbes reporting a massive breach in May that impacted some 28,000 customers, netizens were not impressed with the fake email. Commenters savaged the company for the Grinch-like move, with one blasting the firm as “beyond deplorable.”
Some observers pushed back on those condemning the company as a Scrooge, however, calling the move “smart” from a security standpoint. Some also argued that employees who fell for the trick were among “the most gullible user[s] on the planet.”
GoDaddy is not the first company to take heat for a similar stunt, with Tribune Publishing also fooling employees with a promise of a bonus in September in order to root out potential security breaches. The publisher later apologized for the setup – which also followed a company announcement that it would impose pay-cuts and lay-offs in some of its newsrooms – acknowledging that it was “misleading and insensitive.”
Also on rt.com Top economic policy voice under Obama & Clinton says $2,000 stimulus checks could OVERHEAT economy... and even $600 is too muchIf you like this story, share it with a friend!