Making a CEO Fraud Phishing Template
Business Email Compromise (BEC), or CEO fraud, is when an attacker gains access to a corporate email account and spoofs the owner's identity to defraud the company or its employees, customers or partners of money.
You can use your KnowBe4 platform to simulate CEO fraud or Business Email Compromise. The reply-to feature also lets you track replies and keep the data from them, so you can see how vulnerable your users are.
These templates are meant to track replies only and do not contain links or attachments.
We recommend using the following settings when creating a CEO fraud template:
Sender's Email Address:
Use the email address of your CEO or another high-level executive to target high-risk executive groups, such as Accounting or HR.
Assigning a Sender’s Name to appear on a phishing email is optional, but we recommend using this field to create a more authentic template.
Reply-To Email Address:
You can assign any email address, different from the one used in the Sender's Email Address field, that you would like your users to reply to when they click the Reply button on a phishing template.
- If you've specified a Reply-To name in your phishing template, the console will use that information to populate the first portion of the sender email address.
You can use the WYSIWYG editor to edit the body of your phishing email. If you’d like to use HTML, there is a Source button in the left corner of the WYSIWYG editor that will take you to the source code.
- The Image button, in the left corner of the WYSIWYG editor, is where you may add any externally-hosted images using a publicly-accessible URL.
There are premade examples of business email compromise and CEO fraud templates in the console, found under the Reply-To Only category or by typing CEO Fraud into the search bar of the System Templates page in your console.
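The Sender's Email Address and Reply-To Email Address settings above produce a message whose visible sender is internal while replies go to a different address. The following is an added example, not KnowBe4 code, of a mail-side check that flags that header pattern; the function name, finding labels, sample messages and the `example.com` / `example.net` domains are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages; example.com / example.net are placeholder domains.
SPOOFED = (
    "From: Pat Example <ceo@example.com>\n"
    "Reply-To: Pat Example <ceo.office@example.net>\n"
    "Subject: Quick request\n\nAre you at your desk?\n"
)
NO_REPLY_TO = "From: Pat Example <ceo@example.com>\nSubject: Agenda\n\nNotes to follow.\n"
SAME_REPLY_TO = (
    "From: Pat Example <ceo@example.com>\n"
    "Reply-To: ceo@example.com\n"
    "Subject: Agenda\n\nNotes to follow.\n"
)


def _domain(addr):
    """Return the lowercased domain part of an address ('' if none)."""
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def reply_to_findings(raw_message, internal_domains):
    """List reply-to anomalies in one RFC 5322 message given as text."""
    msg = message_from_string(raw_message)
    from_name, from_addr = parseaddr(msg.get("From", ""))
    reply_name, reply_addr = parseaddr(msg.get("Reply-To", ""))
    findings = []
    if not reply_addr or reply_addr.lower() == from_addr.lower():
        return findings  # replies go back to the visible sender
    findings.append("reply-to-differs-from-sender")
    internal = {d.lower() for d in internal_domains}
    if _domain(from_addr) in internal and _domain(reply_addr) not in internal:
        findings.append("internal-sender-external-reply-to")
    if from_name and from_name.strip().lower() == reply_name.strip().lower():
        findings.append("same-display-name-different-address")
    return findings


if __name__ == "__main__":
    for label, raw in [("spoofed", SPOOFED), ("no reply-to", NO_REPLY_TO),
                       ("same reply-to", SAME_REPLY_TO)]:
        print(label, reply_to_findings(raw, {"example.com"}))
```

Comparing these findings with who replied in a Reply-To Only campaign shows whether the header pattern would have been caught before a user responded.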