Rules keep users from becoming Phish food

I delivered a bittersweet message to a CEO last week.  We had completed an external penetration test that included social engineering and phishing.  While the client had made many improvements since our last penetration test, a couple helpful end-users helped us bypass their security enhancements.  The message I shared went something like this — “The URL filtering solution you deployed …