Using your KnowBe4 console, you can test your users with many different attack vectors. One of the ways you can test your users is to add attachments to your phishing tests to see whether or not your users will open them.
If you don't want your users to be tested with phishing emails that include attachments, you can disable any attachment attack vectors from the Phishing section of the Account Settings page. See this article to learn more.
A list of all our attachment types, the different failures they record, and a brief description of what your users will experience is shown below:
Attachment Type | File Extension | Failure Types Recorded | User Experience |
Word Document | .docx | Attachment Opened, Clicked | The file will contain a prompt for the user to click a link in order to view the document. |
Word Document with Macro | .doc, .docm | Attachment Opened, Macros Enabled, Clicked |
The file will prompt the user to enable macros to view the content of the file. If they enable macros, they will be taken to the landing page selected on the phishing campaign or template. The macros are beaconized to "call home" to our servers in order to track that macros were enabled. The file will also prompt the user to click a link. If the user clicks the link, they will also be taken to the selected landing page. The .docm version can be used if the .doc version is causing an additional warning prompt for your users. |
PowerPoint Document | .pptx | Attachment Opened | The file will contain steps for the user to follow to view the PowerPoint presentation. This attachment will not take the user to a landing page. |
PowerPoint Document with Macro | .pps | Attachment Opened, Macros Enabled | If the user clicks on content in the file, they will be prompted a second time to enable macros to view content. If they enable macros, they will be taken to the landing page selected on the phishing campaign or template. The macros are beaconized to "call home" to our servers in order to track that macros were enabled. |
Excel Document | .xlsx | Attachment Opened, Clicked | The file will contain a prompt for the user to click a link in order to view the document. If they click the link, they'll be taken to the landing page selected on the phishing campaign or template. |
Excel Document with Macro | .xls, .xlsm | Attachment Opened, Macros Enabled, Clicked |
The file will prompt the user to enable macros to view the content of the file. If they enable macros, they will be taken to the landing page selected on the phishing campaign or template. The macros are beaconized to "call home" to our servers in order to track that macros were enabled. The file will also prompt the user to click a link. If the user clicks the link, they will also be taken to the selected landing page. The .xlsm version can be used if the .xls version is causing an additional warning prompt for your users. |
Attachment Opened, Clicked | Initially, the file will prompt the user to allow a connection request. If allowed by the user, the attachment will be tracked as opened. Once opened, the file will contain a prompt for the user to click a link in order to view the document. If they click the link, they'll be taken to the landing page selected on the phishing campaign or template. | ||
Zipped Word Document | .zip | Attachment Opened, Clicked | After the file is unzipped and opened, the user will be prompted to click a link in order to view the document. If they click the link, they'll be taken to the landing page selected on the phishing campaign or template. |
Zipped Word Document with Macro | .zip | Attachment Opened, Macros Enabled, Clicked | After the file is unzipped and opened, the user will be prompted to enable macros to view the content of the file. If they enable macros, they will be taken to the landing page selected on the phishing campaign or template. The macros are beaconized to "call home" to our servers in order to track that macros were enabled. The file will also prompt the user to click a link. If the user clicks the link, they will also be taken to the selected landing page. |
Zipped PowerPoint Document | .zip | Attachment Opened | After the file is unzipped and opened, the user will be presented with steps to view the PowerPoint presentation. This attachment will not take the user to a landing page. |
Zipped PowerPoint Document with Macro | .zip | Attachment Opened | After the file is unzipped and opened, the user will be prompted to enable macros to view the content of the file. If they enable macros, they will be taken to the landing page selected on the phishing campaign or template. The macros are beaconized to "call home" to our servers in order to track that macros were enabled. |
Zipped Excel Document | .zip | Attachment Opened, Clicked | After the file is unzipped and opened, the user will be prompted to click a link in order to view the document. If they click the link, they'll be taken to the landing page selected on the phishing campaign or template. |
Zipped Excel Document with Macro | .zip | Attachment Opened, Macros Enabled, Clicked | After the file is unzipped and opened, the user will be prompted to enable macros to view the content of the file. If they enable macros, they will be taken to the landing page selected on the phishing campaign or template. The macros are beaconized to "call home" to our servers in order to track that macros were enabled. The file will also prompt the user to click a link. If the user clicks the link, they will also be taken to the selected landing page. |
Zipped PDF | .zip | Attachment Opened, Clicked | After the file is unzipped and opened, the user will be prompted to click a link in order to view the document. If they click the link, they'll be taken to the landing page selected on the phishing campaign or template. |
HTML File | .html | Attachment Opened, Clicked | After the file is downloaded and opened, the user will see a short line of text before the page automatically redirects to the landing page selected on the phishing campaign or template. |
HTML File with Link | .html | Attachment Opened, Clicked | After the file is downloaded and opened, the user will be prompted to click a link. If the user clicks the link, they'll be taken to the landing page selected on the phishing campaign or template. |