Tribune Publishing staff enraged after phishing test promises $10k bonuses

Employees working on struggling US newspapers take to Twitter to condemn "cruel" practice

The Chicago Tribune building at night

The publishing company behind the Chicago Tribune has reportedly faced a backlash from its employees after an internal phishing assessment appeared to use the lure of fake bonuses in order to test their cyber security awareness.

Tribune Publishing, which owns a number of other US daily newspapers, including the New York Daily News and the Baltimore Sun, issued emails on Wednesday to employees promising bonuses of between $5,000 and $10,000 while also encouraging them to click a fake link, according to The Washington Post.

Employees on Twitter condemned the use of financial reward as a ruse, as well as the timing of the test, given that employees had already been hit with mass layoffs and pay cuts during the pandemic.

The company-wide email, issued on Wednesday morning, appeared to be an official notice from HR with a subject line of "Executive bonuses-Confidential". In the note, each employee a was told they would be receiving a bonus for an "ongoing commitment to excellence at Tribune Publishing".

"We are pleased to inform you that we are providing targeted bonuses between 5,000 and 10,000 dollars this year," the email read. "Tribune Publishing is able to provide this bonus as a direct result of the success created by the ongoing efforts to cut our costs!"

Related Resource

Secrets and lies: How do you build workplace trust?

Sample our exclusive Business Briefing content

Download now

Recipients were directed to log in using a link provided in the email to see their bonus, which they were told could be partially deposited into the company's retirement savings program. However, once clicked, employees were instead directed to a page alerting them to the phishing test, as well as a reminder to follow company rules for staying safe online.

The practice of misleading employees to probe for cyber security weaknesses has divided the community on occasions, with some seeing it as a valuable tool for assessing awareness, and others as immoral.

"Overworked underpaid journalists living under threat of furlough got this scam email offering bonuses... and now it is looking like Tribune Publishing sent it to their own employees just to see who would fall for a phish. Insulting and cruel," Chicago Tribune court reporter, Megan Crepeau tweeted.

In April, in the midst of the pandemic, Tribune Publishing announced mass pay cuts and furloughs in a bid to save money, despite large payouts to shareholders. CEO Terry Jimenez was forced to abandon a company slack channel in the wake of employee criticism immediately following the news, according to Vice.

Featured Resources

How virtual desktop infrastructure enables digital transformation

Challenges and benefits of VDI

Free download

The Okta digital trust index

Exploring the human edge of trust

Free download

Optimising workload placement in your hybrid cloud

Deliver increased IT agility with the cloud

Free Download

Modernise endpoint protection and leave your legacy challenges behind

The risk of keeping your legacy endpoint security tools

Download now

Recommended

Education and government most at risk from email threats
phishing

Education and government most at risk from email threats

26 Nov 2021
Attackers use CSS to fool anti-phishing systems
phishing

Attackers use CSS to fool anti-phishing systems

11 Nov 2021
Alkira offers Check Point CloudGuard Security to secure virtual cloud networks
Cloud

Alkira offers Check Point CloudGuard Security to secure virtual cloud networks

29 Sep 2021
Iboss protects web sessions with remote browser isolation
Cloud

Iboss protects web sessions with remote browser isolation

16 Aug 2021

Most Popular

How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

4 Jan 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022
Microsoft Exchange servers break thanks to 'Y2K22' bug
email delivery

Microsoft Exchange servers break thanks to 'Y2K22' bug

4 Jan 2022