@sfleetucker nah--just clicked a link. Which is bad enough these days...

@rpardee Ok, so a mistake, but not a credential exposure. :)

@sfleetucker yeah. And it was sent by my corporate IT group & so the link was to a "gotcha!" sort of page rather than something that would e.g., install malware on my machine.

The gotcha page said that depending on how many of these I've been fooled by, I may be assigned remedial infosec compliance training.

It's a good system, this is just the first time I got fooled.

@rpardee Ours are a bit more cynical and try to get folks to provide credentials, to see what level of training is needed.

@sfleetucker woah--diabolical

@rpardee No, just makes it clear the difference between "oops I clicked a bad link" and "I ignored all the damn warning signs and put my secure credentials in."

@sfleetucker ah, that's a good point.

I shudder to think how far I would have gone to chase down my supposedly denied expense report...