A phishing campaign is targeting employees with phony email reminders for cybersecurity and phishing awareness training. 

In a clever spin on more widely known phishing methods, hackers are sending emails pretending to be from KnowBe4, a company specializing in training employees to recognize phishing scams. 

Phishing campaign


The emails prompt their targets to click links to complete “required” training sessions,  which redirect them to spoofed login pages hosted at a Russian top level domain.

The phishing scam was identified by, a security training and phishing prevention firm that has identified the campaign across at least 30 separate websites since April 2020.