They submitted a deep fake photo and never did a call.
To prevent a repeat, KnowBe4 is advising its peers in the industry to consider interviewing prospective employees on a video call to ensure they’re real
Oh lol, my company is/was using them to produce testing phishing emails to determine if employees can spot them. It is quite ironic they fell for the ultimate phish.
Ohh cool. Some of our security training is from them. Always seemed to be the most basic stuff too. Pretty awful they couldn’t take the most basic step to ensure a person is who they say they are.
Holy shit, this is classic. The next time I let my ADHD get the better of me and I accidentally click on a link in a spoof phishing email (and, yes, try to log in to whatever account they told me there was a problem with because I’m an idiot, you’re so perfect, shut up) sent as a test by the IT department which results in them requiring me to take some KnowBe4 refresher course, I’m sending them this article and telling them “This one is a freebie.”
They didn’t do one in this case, but I have heard stories of these sorts of malicious actors paying people stateside or elsewhere to take the video interviews. I’ve had to do ID checks on video in recent-ish interviews.
Wait, they hired someone without even having a video call?
Did you expect there to be a portrait of Kim in the background?
Talk about one he’ll of a security oversight for a “security firm”
Maybe they lied in the call and said they weren’t a North Korean hacker. That would be the kind of devious thing a hacker might do.
Hey now, it’s even on the USA visa application:
Do you seek to engage in or have you ever engaged in terrorist activities, espionage, sabotage, or genocide? ☐
They submitted a deep fake photo and never did a call.
Oh lol, my company is/was using them to produce testing phishing emails to determine if employees can spot them. It is quite ironic they fell for the ultimate phish.
Astounding that they never did this.
Wasn’t there a case recently where some hackers in Hk videocalled and faked being a bank guys boss and got him to send over money.
Ohh cool. Some of our security training is from them. Always seemed to be the most basic stuff too. Pretty awful they couldn’t take the most basic step to ensure a person is who they say they are.
Holy shit, this is classic. The next time I let my ADHD get the better of me and I accidentally click on a link in a spoof phishing email (and, yes, try to log in to whatever account they told me there was a problem with because I’m an idiot, you’re so perfect, shut up) sent as a test by the IT department which results in them requiring me to take some KnowBe4 refresher course, I’m sending them this article and telling them “This one is a freebie.”
As someone managing KnowBe4 for our Clients, I’d actually let you pass with it… ;D
Yeah, shows that the internal client is researching security topics
Probably was for a high stress, high turnover position where anyone competent and breathing would do.
Seems weird…but I have totally done two different job interviews where nobody has their camera on.
They didn’t do one in this case, but I have heard stories of these sorts of malicious actors paying people stateside or elsewhere to take the video interviews. I’ve had to do ID checks on video in recent-ish interviews.