phishing

A phishing campaign is targeting employees with phony email reminders for cybersecurity and phishing awareness training. 

In a clever spin on more widely known phishing methods, hackers are sending emails pretending to be from KnowBe4, a company specializing in training employees to recognize phishing scams. 

Phishing campaign

Source: Cofense.com

The emails prompt their targets to click links to complete “required” training sessions,  which redirect them to spoofed Outlook.com login pages hosted at a Russian top level domain.

The phishing scam was identified by Cofense.com, a security training and phishing prevention firm that has identified the campaign across at least 30 separate websites since April 2020.