KnowBe4 Aims to Take a Bite out of CEO Fraud Cash Cow

KnowBe4, provider of the world’s most popular security awareness training and simulated phishing platform, today introduced Phishing Reply Tracking to help IT managers more effectively combat CEO Fraud, one of the fastest-growing social engineering schemes. Phishing Reply Tracking is designed to test whether users will interact with “the bad guys” on the other end of a phishing email. CEO fraud, or Business Email Compromise (BEC) as it is referred to by the FBI, has been steadily gaining steam since January 2015, costing the economy over 3 billion dollars, according to the FBI’s Internet Complaint Center (IC3).

“CEO fraud is harder to detect than a simple phish, as the emails used in these attacks bypass antivirus because they contain no malware,” said Stu Sjouwerman, KnowBe4’s Chief Executive Officer. “Email is the number one attack vector into the enterprise. Once inside, cybercriminals can monitor the financial connections and interactions within the company. While they study the key individuals and protocols necessary to perform wire transfers in their target, they learn how to spring a convincing attack, posing as a company executive or an accounting executive.”

Once a cybercriminal has learned what they need to and has launched a CEO fraud attack, it is then left up to the employee to detect the threat. Unless employees are trained with new-school security awareness training and tested with simulated phishing, they can miss vital red flags that can result in a tremendous loss of income.

Phishing Reply Tracking provides the ability to test users with simulated phishing attacks, while also tracking if they will reply to these phishing attacks, a service offering provided only by KnowBe4. Within the KnowBe4 console, replies will be optionally recorded, and the raw data from the reply (in the form of a .eml file) will be available for IT to download if desired.

Phishing Reply Tracking also:


  • Stores the reply-to content (on by default, may be disabled as an option);
  • Includes a customizable reply-to address sub-domain, which allows IT to make the reply-to address look similar to your actual domain; and
  • Tracks out-of-office replies to allow IT to identify if users include company directories or other information with their out-of-office messages.

Sjouwerman added, “This is an important addition to your security awareness training plan that will help you inoculate users against Business Email Compromise, or CEO fraud. What happens if your users receive an email from a cybercriminal pretending to be your CEO requesting an urgent wire transfer? Will the employee reply back to question the sender for more details or, worse, simply confirm that they completed the transfer? Most companies cannot afford to take that risk.”

About KnowBe4

KnowBe4, the provider of the world’s most popular integrated new-school security awareness training and simulated phishing platform, is used by more than 6,500 organizations worldwide. Founded by data and IT security expert Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness of ransomware, CEO Fraud and other social engineering tactics through a new-school approach to security awareness training. Kevin Mitnick, internationally recognized computer security expert and KnowBe4’s Chief Hacking Officer, helped design KnowBe4’s trainings based on his well-documented social engineering tactics. Thousands of organizations trust KnowBe4 to mobilize their end-users as a first line of corporate IT defense.

