Tribune employees outraged after brass sends tone-deaf ‘phishing test’

Tribune Publishing, which has permanently shut down at least five of its newsrooms, laying off hundreds of workers, sent an email to employees Wednesday promising bonuses of $5,000 to $10,000 — a tasteless “test” to see whether they would open emails from phishing scammers.

The tone-deaf move enraged employees who have weathered furloughs and pay cuts. Hundreds of workers at the New York Daily News, the Allentown Morning Call and Capital Gazette in Maryland have been told they will have to work from home permanently as newsrooms are being closed.

“We are pleased to inform you that we are providing targeted bonuses between $5,000 and $10,000 dollars this year,” the spoof email sent to employees on Wednesday stated. “Tribune Publishing is able to provide this bonuses as a direct result of the success created by the ongoing efforts to cut our costs.

“We want to thank you for your ongoing commitment to excellence at Tribune Publishing and to congratulate you on your outstanding performance!”

The phishing test then invited employees to log in to see their year-end bonus. For those who did, a big pop-up banner appeared on the screen saying: “Oops! You clicked on a simulated phishing test,” along with an advisory of rules to follow to “stay safe online.”

Staffer Justin Fenton tweeted: “After slashing our staff, closing newsrooms, furloughing reporters and cutting pay during a pandemic, @tribput thought a neat lil way to test our susceptibility to phishing was to send a spoor email announcing large bonuses. Fire everyone involved.”

A company spokesman defended the use of the spoof email, before apologizing.

“Today the company conducted a regular, internal test to assess and reduce its current phishing and malware risk level,” the spokesman acknowledged. “Based on input provided by the company’s cybersecurity team and advisors, the content of that test included language regarding employee bonuses. Having fallen victim to attacks of this nature before, the company recognized that bad actors use this type of language regularly, and decided to use the language to simulate common phishing scams.”

The spokesman then apologized.

“The company had no intention of offending any of its employees. In retrospect, the topic of the email was misleading and insensitive, and the company apologizes for its use.”

Share this article:

Source: Read Full Article