Hackers have crippled computer systems in some U.S. cities, so Springfield ran a test to help its workers spot 'phishing' emails; how'd it go?

[InfoSec News <alerts () infosecnews org>]

https://www.masslive.com/news/2019/07/a-constant-battle-with-some-us-cities-paying-high-ransoms-to-hackers-springfield-tries-to-help-city-workers-spot-phishing-emails.html

By Matt Berg
The Republican
July 4, 2019

In the midst of cyber attacks on cities and towns across the United States that 
have crippled municipal networks - and, in some cases, led communities to pay 
six-figure ransoms to hackers - Springfield ran an exercise in June to help 
city employees spot scams by sending them a phony email.

On June 24, a vendor hired by the city sent the email to 856 municipal workers. 
Disguised to look like it came from human resources, the message offered a 
health promotion and included a link to sign up for a free consultation.

It was meant to mimic the type of phishing emails scammers send to obtain data 
and attack a city’s computer system.

"There are people out there with the sole intent to infiltrate corporations. 
That's what they do all day and everyday," said Andrew Doty, chief information 
officer of the city's Information Technology Department.

About 6.5% of the workers who received the email - 55 in all - clicked on the 
link. Another 35 filled in usernames and passwords. Fewer than 10 recipients 
reported the email to the city’s help desk.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_