My company’s IT department sent an email from IT@*company*.com like this saying *company* has been hacked, click here to change your password ASAP. I did see that the email was from our domain but didn’t click because I knew the only way to change my password was by logging into Windows on my work computer and I was reading on my phone on the train. The email was actually from our IT department and the link apparently led to a page that said “you fell for the phishing scam, be more careful next time!” Jerks.