Oct26
It was the first day of a conference, and we all gathered together. It started like a prank, but I loved the idea. This is a security awareness lesson that simulates what a malicious link in an email that is attempting to fish an individual might be in real life.
The premise of the exercise is to start by having one individual wear the fish badge without notifying anyone else that this activity is happening. As they go about their day, if someone asks them about the fish badge, They have clicked on the fishing link, and it is now there to wear the badge. They need to share in their words what phishing is and how this stimulates that in real life, and now it’s their turn to go phishing. The exercise continues, and the subject walks around until someone else. Ask them about the fish before passing it on.
You can make it fun by capturing pictures of each person who was caught with the phishing alongside the person who was fishing them and creating a montage of it after the fact, as well as showing the lifecycle of how fishing links and similar threats act activities on average.
Video highlighting the results
https://youtube.com/shorts/XQ9xweyRcKk?si=BN6C_y-JJG4bUXlJ
Keywords: Cybersecurity, IT Strategy, Open Innovation
Friday’s Change Reflection Quote - Leadership of Change - Change Leaders Harness Existing Dissatisfaction
The Corix Partners Friday Reading List - November 7, 2025
The Trust Deficit in Change Programmes
Management of Portfolio complexity a key to Supply Chain responsiveness
Who Revolves Around Your Ambitions? Time to Find Out.
