You seem to miss where I said header not from field.
The emails originate from knowb4 or phishme servers and customers whitelist those servers from anti spam/phishing/url inspection to minimise the false positives.
The knowb4 and phishme have their names in as part of the email ehlo exchange and are written into the header for tracking.
Double click the email to open the email into a new window, in the tags panel of the ribbon there is a little arrow pointing to the bottom right, click it and a new box opens. the bottom of that box contains the headers and transaction details of the specific email.
KnowBe4, a popular phishing simulation tool, actually has a built-in rickrolling template.
But are entirely defeated if you make a rule in outlooks saying trash any email that contains knowb4 in the header.
Not only do you pass all phishing tests, but you also don’t get spammed by them when renewal comes around.
Phishme is the same. Add a rull saying trash as my email containing phishme.com in the header.
The emails aren’t from KnowBe4. They are from your HR or CEO or IT department. The links themselves are obvious on the hover though.
You seem to miss where I said header not from field.
The emails originate from knowb4 or phishme servers and customers whitelist those servers from anti spam/phishing/url inspection to minimise the false positives.
The knowb4 and phishme have their names in as part of the email ehlo exchange and are written into the header for tracking.
I’m not seeing the header in Microsoft Outlook. At least the web version. I would love to filter these.
Its an ass to get to in desktop outlook
Double click the email to open the email into a new window, in the tags panel of the ribbon there is a little arrow pointing to the bottom right, click it and a new box opens. the bottom of that box contains the headers and transaction details of the specific email.