You seem to miss where I said header not from field.
The emails originate from knowb4 or phishme servers and customers whitelist those servers from anti spam/phishing/url inspection to minimise the false positives.
The knowb4 and phishme have their names in as part of the email ehlo exchange and are written into the header for tracking.
The emails aren’t from KnowBe4. They are from your HR or CEO or IT department. The links themselves are obvious on the hover though.
You seem to miss where I said header not from field.
The emails originate from knowb4 or phishme servers and customers whitelist those servers from anti spam/phishing/url inspection to minimise the false positives.
The knowb4 and phishme have their names in as part of the email ehlo exchange and are written into the header for tracking.
I’m not seeing the header in Microsoft Outlook. At least the web version. I would love to filter these.