RabbitThe "phishing training" industry and practice has lost the plot. You'd be far better off building your security program around the idea that sometimes users get phished than to invest the same money to constantly harass them with phishes that don't even reflect what actual phishes look like.
We’ve created a type of control which can be bypassed by spelling things correctly, since we've trained people to believe phishes will always be misspelled or come from an obvious domain.
This is why your company still gets rocked with ransomware from some 14 year old who sends your users a plain looking URL from a gmail account with the subject “You’ve received a Dunkin' Gift Card!”
KnowBe4 can't save you.
All GNU social JP content and data are available under the