KnowBe4 Aims to Take a Bite out of CEO Fraud Cash Cow

(Tampa Bay, FL) December 6, 2016 — KnowBe4, provider of the world’s most popular security awareness training and simulated phishing platform, today introduced Phishing Reply Tracking to help IT managers more effectively combat CEO Fraud, one of the fastest growing social engineering schemes. Phishing Reply Tracking is designed to test whether users will interact with “the bad guys” on the other end of a phishing email. CEO fraud, or Business Email Compromise (BEC) as it is referred to by the FBI, has been steadily gaining steam since January 2015, costing the economy over 3 billion dollars, according to the FBI’s Internet Complaint Center (IC3).

 “CEO fraud is harder to detect than a simple phish, as the emails used in these attacks bypass antivirus because they contain no malware,” said Stu Sjouwerman, KnowBe4’s Chief Executive Officer. Email is the number one attack vector into the enterprise. Once inside, cybercriminals can monitor the financial connections and interactions within the company. While they study the key individuals and protocols necessary to perform wire transfers in their target, they learn how to spring a convincing attack, posing as a company executive or an accounting executive.”

Once a cybercriminal has learned what they need to and has launched a CEO fraud attack, it is then left up to the employee to detect the threat. Unless employees are trained with new-school security awareness training and tested with simulated phishing, they can miss vital red flags that can result in a tremendous loss of income.

Phishing Reply Tracking provides the ability to test users with simulated phishing attacks, while also tracking if they will reply to these phishing attacks, a service offering provided only by KnowBe4. Within the KnowBe4 console, replies will be optionally recorded, and the raw data from the reply (in the form of a .eml file) will be available for IT to download if desired.

Phishing Reply Tracking also:

  • Stores the reply-to content (on by default, may be disabled as an option);
  • Includes a customizable reply-to address sub-domain, which allows IT to make the reply-to address look similar to your actual domain; and
  • Tracks out of office replies to allow IT to identify if users include company directories or other information with their out-of-office messages.

Sjouwerman added, “This is an important addition to your security awareness training plan that will help you inoculate users against Business Email Compromise, or CEO fraud. What happens if your users receive an email from a cybercriminal pretending to be your CEO requesting an urgent wire transfer? Will the employee reply back to question the sender for more details or worse, simply confirm that they completed the transfer? Most companies cannot afford to take that risk.”

For more information about Phishing Reply Tracking visit: