• slazer2au@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    5 months ago

    But are entirely defeated if you make a rule in outlooks saying trash any email that contains knowb4 in the header.

    Not only do you pass all phishing tests, but you also don’t get spammed by them when renewal comes around.

    Phishme is the same. Add a rull saying trash as my email containing phishme.com in the header.

    • BlackPenguins@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      5 months ago

      The emails aren’t from KnowBe4. They are from your HR or CEO or IT department. The links themselves are obvious on the hover though.

      • slazer2au@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        5 months ago

        You seem to miss where I said header not from field.

        The emails originate from knowb4 or phishme servers and customers whitelist those servers from anti spam/phishing/url inspection to minimise the false positives.

        The knowb4 and phishme have their names in as part of the email ehlo exchange and are written into the header for tracking.

          • slazer2au@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            5 months ago

            Its an ass to get to in desktop outlook

            Double click the email to open the email into a new window, in the tags panel of the ribbon there is a little arrow pointing to the bottom right, click it and a new box opens. the bottom of that box contains the headers and transaction details of the specific email.