GitLab Phishes Employees and 20% Get Hooked

Gitlab did a random sample test of their employees and 20% were hooked…

Attacker targeting GitLab employees with the goal of obtaining credentials

Scope
All GitLab team members

  Goals

    - Trick a sampling of GitLab team members into exposing their GitLab.com credential
    - Do not actually capture passwords - username only
    - Increase awareness of phishing techniques and how to identify a potential phish

Outcomes

    - A random sampling of 50 GitLab team members was selected
    - 17/50 (34%) of targets clicked on the phishing link in the email
    - 10/17 (59%) exposed their GitLab.com credential
    - 6/50 (12%) reported the email as suspicious to SecOps

Featured Webinars


Advanced Phishing and
Training

Monday 1:30 PM – 2:30 PM
» Learn More
Outlook Phish Alert Button
Tuesday 1:30 PM – 2:30 PM
» Learn More
Customizing Phishing Templates, Landing Pages, & Training Notifications
Wednesday 1:30 PM – 2:30 PM
» Learn More
Active Directory Integration
(ADI) Setup

Thursday 1:30 PM – 2:30 PM
» Learn More
Gold/Platinum/Diamond
Features

Friday 1:30 PM – 2:30 PM
» Learn More

Privacy Policy | Terms of Service