We just released a new feature that allows you to test your employees for "CEO Fraud" spear phishing attacks. When you create a phishing email template, you can now specify a Sender Name and a Reply-To email address. (The fields are not mandatory by the way).
Having the Sender Name, it will make the phishing emails look more real, the name will be displayed by the email client when the user receives the email. The reply-to will help with scenarios like when you spoof an email address as the sender, let’s say your CEO’s email.
KnowBe4 research shows that about 30% of users will reply to emails that purportedly come from the CEO, so when they reply, the reply-to email address will be used instead of the CEO email address. This allows you to set up a throw-away Gmail account to receive these answers from employees, and at that point can correct this behavior with another pass through a training module.
CEO Fraud, which the FBI also calls 'Business Email Compromise' is the new crime wave that you need to prevent from happening. Correct policy and procedures related to bank wires, combined with effective security awareness training is a must these days. Find out how affordable this is for your organization and be pleasantly surprised.
