I find that Cybersecurity training emails hit every red flag for a phishing email even if it’s legit:

• From an external organization without my company’s letterhead.
• Automated and I receive it at like 4am
• A message saying something to the effect of “IT has assigned important training for you”
• A link whose URL is a long string to an unidentifiable site
• Clicking the link immediately takes you to a login page to enter your company email.

If I wanted access to someone email and password maliciously, I’d totally make a cybersecurity training site like http://cybersecuritytraining.biz/, tell people they are due for company cybersecurity training just like this and I bet I’d get a lot of accounts.