Yep. All of KB4's stuff looks like it came from a single designer. You need to go through your spam filter and make custom templates from whatever you are receiving, and also make lookalikes from real business messages. Bankers doing wire transfers to wrong accounts because of a forged document has been a serious problem in my sphere lately.
It used to be that if a mailbox got compromised they would just send spam about lottery wins and boner pills. Now they watch your messages and reply to a real request with a good-looking response. A correct expected reply in a chain from an authentic account, just some numbers have changed. Then they will steal your contacts and register a similar domain and try to impersonate you.
We had almost this exact scenario (lookalike domain) play out with a customer. Their accounts payable department almost paid out half a million to a scammer. Fortunately the employee at the customer accidentally replied to our actual email address and our folks knew better and picked up the phone. The customer insisted up and down that their email system had not been compromised. It took telling their IT folks what and where to look before they finally realized they were compromised. Good IT/security teams make all the difference.
It's all in how much effort you put into it. It's quite versatile and their customer success team is phenomenal. We had multiple pretty smart employees accidentally fall for it the first few campaigns and immediately reach out when they realized what they did.
Employees get really good at spotting the tests.