IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Tribune Publishing staff enraged after phishing test promises $10k bonuses

Employees working on struggling US newspapers take to Twitter to condemn "cruel" practice

The Chicago Tribune building at night

The publishing company behind the Chicago Tribune has reportedly faced a backlash from its employees after an internal phishing assessment appeared to use the lure of fake bonuses in order to test their cyber security awareness.

Tribune Publishing, which owns a number of other US daily newspapers, including the New York Daily News and the Baltimore Sun, issued emails on Wednesday to employees promising bonuses of between $5,000 and $10,000 while also encouraging them to click a fake link, according to The Washington Post.

Employees on Twitter condemned the use of financial reward as a ruse, as well as the timing of the test, given that employees had already been hit with mass layoffs and pay cuts during the pandemic.

The company-wide email, issued on Wednesday morning, appeared to be an official notice from HR with a subject line of "Executive bonuses-Confidential". In the note, each employee a was told they would be receiving a bonus for an "ongoing commitment to excellence at Tribune Publishing".

"We are pleased to inform you that we are providing targeted bonuses between 5,000 and 10,000 dollars this year," the email read. "Tribune Publishing is able to provide this bonus as a direct result of the success created by the ongoing efforts to cut our costs!"

Related Resource

Secrets and lies: How do you build workplace trust?

Sample our exclusive Business Briefing content

Download now

Recipients were directed to log in using a link provided in the email to see their bonus, which they were told could be partially deposited into the company's retirement savings program. However, once clicked, employees were instead directed to a page alerting them to the phishing test, as well as a reminder to follow company rules for staying safe online.

The practice of misleading employees to probe for cyber security weaknesses has divided the community on occasions, with some seeing it as a valuable tool for assessing awareness, and others as immoral.

"Overworked underpaid journalists living under threat of furlough got this scam email offering bonuses... and now it is looking like Tribune Publishing sent it to their own employees just to see who would fall for a phish. Insulting and cruel," Chicago Tribune court reporter, Megan Crepeau tweeted.

In April, in the midst of the pandemic, Tribune Publishing announced mass pay cuts and furloughs in a bid to save money, despite large payouts to shareholders. CEO Terry Jimenez was forced to abandon a company slack channel in the wake of employee criticism immediately following the news, according to Vice.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Cloud security market to hit $106 billion by 2029
cloud computing

Cloud security market to hit $106 billion by 2029

11 Apr 2022
Education and government most at risk from email threats
phishing

Education and government most at risk from email threats

26 Nov 2021
Attackers use CSS to fool anti-phishing systems
phishing

Attackers use CSS to fool anti-phishing systems

11 Nov 2021
Alkira offers Check Point CloudGuard Security to secure virtual cloud networks
Cloud

Alkira offers Check Point CloudGuard Security to secure virtual cloud networks

29 Sep 2021

Most Popular

Actively exploited server backdoor remains undetected in most organisations' networks
cyber attacks

Actively exploited server backdoor remains undetected in most organisations' networks

1 Jul 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Why India wants to become a chipmaking powerhouse
components

Why India wants to become a chipmaking powerhouse

28 Jun 2022