GoDaddy wins our 2020 award for most evil company email

[Edward78]

https://www.theverge.com/2020/12/24/22199406/godaddy-wins-2020-stupidity-award

BOO GoDaddy BOO, ok delete is was a phising test by the company. Kind of mean still at a time like this.

 

[Thekwango]

Brutal!! And not only that, those that clicked through have to undergo training. Jesus, what utter **** thought that one up!!

 

[Stumble Bum]

I used to work for a bank and they did this sort of thing, although don't think it was as cruel as to say we had a bonus. At least we had a bit of a heads up that a phishing email may one day be sent round and to look out for it.

If you clicked the dodgy link you just had to do some online training. No big deal but getting your employees hopes up of a bonus is pretty low.

 

[arknor]

It's the same sort of thing a legit phishing email would do though.

It's not cruel to be protecting there butts, It's good business sense.


If it's actually from the companies email server though..... and not someone trying to disguise the email address I think that's different

 

[ianh]

Used to get these all the time from our IT staff, the vast majority were so obvious that if you did fall for it then you really did need retraining. For me this isn't "evil" as GoDaddy's IT staff just proved their worth, because if this had been a genuine "hack" look how many people in this IT company fell for it and put the company, the customers and their own job at risk!

 

[Snookums]

Removed

 

[Judgeneo]

Genuinely excellent phishing campaign, even educating people who don't work at GoDaddy

 

[arknor]

It came from gocladdy, was a pretty terrible email if you actually read it.

there's a way to properly disguise the email address it was sent from still? so the email address appears real but then when you inspect the actual "Mailed by" and "Signed" it's clearly not sent by that actual place.

surely staff would be always told to check or be forced to use an email software that clearly displays the info in plain sight.

why don't companies use PGP encrypted mail anyway?

 

[Kenai]

We get these phishing tests routinely, though nothing quite as mean spirited as a fake bonus award in the test emails

 

[Snookums]

Removed

 

[chaparral]

This looks like the e-mail they got

 

[Tephnos]

So it was sent from the actual company email domain?

Hardly a fair phising test then is it.

 

[potatolord]

I used to work for a bank and they did this sort of thing, although don't think it was as cruel as to say we had a bonus. At least we had a bit of a heads up that a phishing email may one day be sent round and to look out for it.

If you clicked the dodgy link you just had to do some online training. No big deal but getting your employees hopes up of a bonus is pretty low.

A previous employer did similar. Around 20% of our staff clicked the link.

Depressing, really...

 

[Chuk_Chuk]

So it was sent from the actual company email domain?

Hardly a fair phising test then is it.

Regardless of what domain it came from, if you read the email and think about it for a minute. It is a pretty stupid email.

Why would you need to sign up for a company bonus?
Why does the company who pays you and has your details on record need you to fill out a seperate form with all these details?

I guess end of the year people tend to relax and switch their brains off.

 

[dl8860]

Last year my company did a similar thing with Christmas hampers, and you had to fill in details to select what you wanted in yours.

Didn't seem remotely cruel to me or anyone else in the office at the time.

 

[LeeUK]

GoDaddy are just a horrible company full stop. The owner shoots wild animals for fun, that is enough for me to not give them any of my money.

When they took over some web hosts that I used I quickly transferred away from them.

 

[xb8browney]

Our company done a test last year, they basically emailed everyone acting as the new corporate travel booking agency asking for details.

 

[smogsy]

So it was sent from the actual company email domain?

Hardly a fair phising test then is it.

perfectly good, anyone can fake a real domain we do it at work all the time

 

[Ceryndrion]

For the record, the email only 'appeared' to be sent from a godaddy email address, the email address does not actually exist, and the email was sent via gophish, and there are a number of warning signs in the email that should have given it away.

Furthermore, the CEO had only weeks before, stated that there were no christmas bonuses this year.

Oh and give over with the 'owner shoots wild animals' rubbish. Bob Parsons has nothing to do with GoDaddy, he sold his shares in 2011, resigned as ceo in 2014, and resigned from the board in 2018. The fact that people keep bringing this up is laughable, just like holding caseking responsible for the actions of former owners of ocuk.

And how many times do we tell people to not click random links in emails? or even double check what they are clicking on? this is phishing 101.

 

[chaparral]

i got the email, I work for godaddy.

Did you past the training course on social engineering ?