Yeah, when our security team does phishing audits, clicking a link in the email without doing anything else is usually considered a soft failure. I guess this would cause everyone to fail and they'd have to ignore that result.

I guess that in some cases you can host the service on the tested company's intranet, so MS servers won't be able to connect to it (but nor would people in home office without VPN).