An internet domain company sent employees an email for their holiday bonus which turned out to be a phishing 'test'.
GoDaddy has now been slammed for the 'hoax' from people claiming the move - which happened on 14 December - was insensitive.
According to Fox Business, around 500 employees clicked on the email which was offering a Christmas bonus of $650 (£485). They were asked to fill out a form with personal information.
Advert
The email was obtained by Phoenix TV-station KPNX. They wrote: "Happy Holiday GoDaddy! 2020 has been a record year for GoDaddy, thanks to you!
"Though we cannot celebrate together during our annual Holiday Party, we want to show our appreciation and share a $650 one-time Holiday bonus!
"To ensure that you receive your one-time bonus in time for the Holidays, please select your location and fill in the details by Friday, December 18th."
Days later, another email was sent to staff from the company's security chief. That one followed up saying: "You are receiving this email because you failed our recent phishing test." Anyone that had filled out the form were asked to retake the Security Awareness Social Engineering training.
In a statement, a GoDaddy spokesperson told LADbible: "GoDaddy takes the security of our platform extremely seriously. We understand some employees were upset by the phishing attempt and felt it was insensitive, for which we have apologised.
Advert
"While the test mimicked real attempts in play today, we need to do better and be more sensitive to our employees."
According to the Mirror, within the past year, GoDaddy has fallen prey to data breaches and scams.
Ken Colburn of Data Doctors told the publication: "The line level employees in a company have always kind of been the prime targets for hackers.
"Getting them to be really much more suspicious, that's an important task. But doing it in a way that's not going to upset the employees is equally as important."
Advert
Earlier this year, 1,000 people in the UK were hit in just one day with a PayPal email scam. The emails stated that the recipient's account has been 'limited' as a result of a policy violation and they were prompted to update their account by clicking on a link in the email.
The links took victims to legitimate-looking websites that are designed to steal PayPal login details, as well as personal and financial information.
Featured Image Credit: PA