The US Department of Justice has taken a breather from chasing the bad guys to go phishing.
According to the AP, the department sent out an e-mail to its own staff purporting to be from the "Thrift Savings Plan Account Coordinator"
directing them to a Web site asking for account information.
The more security conscious recipients smelled something phishy and sent out warning e-mails to colleagues.
This prompted the DoJ to admit the message was a hoax designed to test the gullibility of staff. Unfortunately, it's not known how many handed their details over.
I think it's a pretty good idea to test whether those charged with fighting this kind of thing can spot when it happens to them. Does anyone know of any banks carrying out similar experiments?