A Security Awareness Email is Used for Phishing Fraud

Cybercriminals are always looking for new ways to deceive their victims. Company workers are increasingly aware that phishing campaigns exist and are beginning to act accordingly. The criminals, however, keep searching for new ways to profit, and it has now been discovered that they have turned a security awareness email itself into a phishing scam.

The creativity of cybercriminals is limitless

Admittedly, in this case they have run a creative phishing campaign. Their approach was to build an email template that poses as a reminder, apparently sent by a popular cybersecurity company, for workers and teleworkers to complete security awareness training.

Over time, workers become more aware of, and more responsible about, the techniques used in phishing attacks. Companies are increasing their security measures and also offer training courses to their employees. This is why cybercriminals continually have to reinvent themselves and develop new methods to deceive these users. Their main objective is to get workers to hand over their login credentials, which they then monetize.

The attack is built around a security awareness email that impersonates the security company KnowBe4 and is in fact a phishing scam.

A security awareness email that is a fraud

Phishing attacks are becoming more common every day, and the business world is increasingly aware of it. For that reason, companies turn to cybersecurity firms that offer phishing education. Their method is to run simulation tests to see whether workers can detect this type of harmful email.

The security company KnowBe4 is one of them and offers phishing training and simulation tests. Through security awareness emails, it trains workers to recognize phishing. Taking advantage of the company's good reputation, criminals have created a new fraudulent attack, which we describe next.

The campaign begins when cybercriminals send emails posing as the security company KnowBe4. The email asks recipients to log in and take a phishing test. These so-called security awareness emails carry a subject line, an exam reminder and an expiration date. They ask the recipients to log in to take the training and tell them they have 24 hours to do so. Here is the email that employees receive.

One sign that should make us suspicious and suspect a phishing attack is the short period of time given to complete the task. Another point to note is that this fake security awareness email warns that the link will not be on the standard phishing training platform but on an external site, something unusual that should set off everyone's alarms.

If we click on the link, it takes us to a Russian URL that asks us to log in with our Outlook credentials, supposedly to start the training course.

Through this, the attackers could obtain the Outlook usernames and passwords of that company's employees, along with some additional information. KnowBe4 quickly denied having opened a new office in Russia. After examining the link that pointed to that country, they also found that the destination domain was throwing SSL configuration errors. They added that, based solely on the structure of the URL, they assumed it pointed to credential phishing.
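The indicators described above (a sender claiming to be KnowBe4 from an unrelated domain, a link to an external site, a 24-hour deadline, a plain-HTTP login page and a request for Outlook credentials) can be turned into a simple mail-triage check. The following is an added example, not code from the original article or from KnowBe4; the sample email is constructed to mirror the campaign, and the assumption that knowbe4.com is the only legitimate sender domain is this example's own.

```python
import re
from email import message_from_string
from urllib.parse import urlparse

# Constructed sample modelled on the campaign described in the article (not the real email).
SAMPLE_EMAIL = """\
From: "KnowBe4 Training" <training@knowbe4-reminders.example>
To: employee@corp.example
Subject: Security awareness exam reminder - expires in 24 hours

Your mandatory phishing awareness training must be completed within 24 hours.
Note: this session is hosted outside the standard training platform.
Log in with your Outlook account here: http://training-portal.example.ru/login
"""

# Assumption for this example: mail claiming to be from this brand must come from these domains.
CLAIMED_BRAND = "knowbe4"
EXPECTED_DOMAINS = {"knowbe4.com"}

URL_RE = re.compile(r"""https?://[^\s<>"']+""")
DEADLINE_RE = re.compile(r"\b(?:within|expires? in|in the next)\s+(\d{1,3})\s*hours?\b", re.I)

def _registrable_domain(host: str) -> str:
    """Collapse a hostname to its last two labels (good enough for this triage check)."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()

def phishing_indicators(raw: str) -> list[str]:
    """Return a human-readable finding for each of the article's indicators that fires."""
    msg = message_from_string(raw)
    sender = (msg.get("From") or "").lower()
    payload = msg.get_payload(decode=True)
    body = payload.decode("utf-8", "replace") if isinstance(payload, bytes) else str(msg.get_payload())
    text = (msg.get("Subject") or "") + "\n" + body
    findings = []
    sender_domain = re.search(r"@([\w.-]+)", sender)
    if CLAIMED_BRAND in sender and sender_domain and _registrable_domain(sender_domain.group(1)) not in EXPECTED_DOMAINS:
        findings.append(f"sender claims {CLAIMED_BRAND} but domain is {sender_domain.group(1)}")
    for url in URL_RE.findall(text):
        parsed = urlparse(url)
        host = parsed.hostname or ""
        if _registrable_domain(host) not in EXPECTED_DOMAINS:
            findings.append(f"link to external domain: {host}")
        if parsed.scheme == "http" and "login" in parsed.path.lower():
            findings.append(f"credential form over plain HTTP: {url}")
    deadline = DEADLINE_RE.search(text)
    if deadline and int(deadline.group(1)) <= 48:
        findings.append(f"short deadline: {deadline.group(1)} hours")
    if re.search(r"outside the standard training platform", text, re.I):
        findings.append("email itself says the link is not on the usual platform")
    if re.search(r"outlook (?:account|credentials)", text, re.I):
        findings.append("asks for Outlook credentials")
    return findings
```

Running `phishing_indicators(SAMPLE_EMAIL)` returns one finding per indicator; a genuine reminder from knowbe4.com linking to an HTTPS page on that domain returns an empty list.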

This is not the first time KnowBe4 has been impersonated: in January 2019 there was a different attempt.

Therefore, whether it arrives as a security awareness email or in any other form, we must be very careful not to fall victim to phishing. Suspicious URLs and very short deadlines are both signs that a phishing campaign may have reached us.

We recommend reading how phishing works and how to avoid it. You can also read how to detect mobile phishing and which types of phishing attacks exist.