U.S. Military, Agencies to Phish Their Workers

["Fergie" <fergdawg () netzero net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Somehow, this doesn't strike me as a good idea. :-)

Via FCW.com.

[snip]

The military services and some agencies, including the Homeland Security
Department and the Department of Veterans Affairs, can launch diagnostic
phishing attacks against their own workers.

The government-sanctioned attacks will be designed to test how well federal
workers adhere to organization's e-mail security policies.

The agencies will launch the attacks will Core Security Technologies' CORE
IMPACT penetration testing software. The IMPACT software will send keep
track of how many employees click on the malicious links. With that
information, agencies can gauge the effectiveness of their IT security
education program.

[snip]

More:
http://www.fcw.com/article97147-12-18-06-Web

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.2 (Build 4075)

wj8DBQFFiDSIq1pz9mNUZTMRAjMDAJ48kt6D6Og5CcnctDrzPr+WH+BfogCePDGi
+bxRBI1zclMI/WIKUryakOQ=
=WPr6
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.