KnowBe4, Inc.
Systems and methods for use of address fields in a simulated phishing attack

Abstract:

Systems and methods are disclosed for creating simulated phishing attack messages that have characteristics which make them appear genuine, while also having characteristics that a user should recognize as being false. Simulated phishing emails may appear to be more realistic to a recipient user if the user observes that the email has also been sent to an individual known to the recipient within the same company. However, it may not be desirable to send the simulated phishing email to such additional recipients. The systems and methods include communicating a simulated phishing email from a server of a simulated phishing attack system to a recipient user of an entity. The simulated phishing email appears to the recipient user as though it is also addressed to one or more non-recipient users of the entity, even though the email is not sent to the non-recipient users.