Highly targeted phishing attacks, known as Business Email Compromise (BEC) or CEO fraud scams have exceeded $12.5 billion in total known losses worldwide. According to the Verizon Data Breach Investigation Report (DBIR) 2023, BEC was one of the most common pretexts for a data breach. Given the quick rise in BEC attacks, it’s important to ensure your users can identify and defend against these threats.

To start, find out how many of your users fall for a spoofed email. Our partners at KnowBe4 put together a free tool for our customers to use. The KnowBe4 phishing test can help you check to see if key users in your organization will reply to a highly targeted impersonation attack. Once you get the results, the next step is to educate your users on the red flags of phishing and other social engineering tactics through comprehensive security awareness training.

What is BEC?

Business Email Compromise is an email-based form of social engineering attack that is designed to get the targeted individual to perform an action, such as transferring money. Often, these attacks are used by hackers to impersonate your CEO, CFO, or even third-party organizations you work with. They convince your users, often in Accounting, HR, or even IT into making wire transfers or other sensitive transactions because they “own” the keys to the kingdom.

In fact, according to a recent Barracuda report, 60% of pretexting email attacks do not involve any link. These attacks are clever and dangerous because they bypass your traditional approaches to email security by avoiding malicious links or attachments.

KnowBe4 Phishing Test: Find out how many of your users take the bait & reply to a spoofed email.

Our partner KnowBe4’s Phishing Reply Test (PRT) is a new and free IT security tool. With this tool, you’ll get quick insights into how many users will fall for a spoofed email so you can take action to train your users and better protect your organization from these fraudulent attacks!

Identify which users take the bait and reply to a spoofed email before the bad guys do. The results may surprise you!

Here’s how it works:

Immediately start your test with your choice of three phishing reply scenarios.
Spoof a Sender’s name and email address your users know and trust.
Phishes for user replies and returns the results to you within minutes.
Get a PDF emailed to you within 24 hours with the percentage of users that replied.

Related articles