5 Phishing Email Examples
Phishing emails are used for a variety of purposes, all of them malicious in nature. I sure you’ve seen an email claiming that your long-lost cousin wants to suddenly send a sizeable chunk of money via wire transfer money to your bank account. You need only to supply the sender with a few details and magically you will inherit a cool million dollars. Yes, of course it’s a scam.
Once a neighbor ran an email by me. He wanted to know if a random email soliciting him for some non-existent United Parcel Service (UPS) job was legit. It wasn’t. I had received the same phishing email making me suspect that it was someone in our children’s school who was spamming the parent contact list! I had to explain to him that the landing page for the email blast had nothing to do with UPS or an actual job. It wasn’t even form a head hunter. I then showed him show private data, like his birthdate and home address, would be scammed from the fake job application process. It is amazing what people will fall for but if you are not working with email and technology on a day-to-day basis, then it is easy to fall victim to hackers.
Another common phishing email example is the one that is used in conjunction with a social engineering cyber attack. Hackers use social engineering to gather personal information about a target. For example, the hacker may have acquired your email address from a social media site like Facebook or LinkedIn where you share your contact information with friends.
A spammer sends an email blast to a few hundred or thousand unsuspecting recipients. The email can even mention the forum where the email was acquired to make it sound more legitimate. For example, the scam may be asking the reader to reset a Facebook password. This is a common phishing email and is an attempt to gain even more data about you like your account password or birthdate
A skilled hacker can glean thousands of email addresses by scraping data from open forums and chat groups. Groups users are there with other, honest intentions, but hackers are out to make money. A spear phishing email attack is generally much smaller scale than a broad phishing email. Spear phishing email are sometimes only sent to one target.
Phishing Email Examples
Amex Phishing email
Last week I shared a spear phishing email that I had received a few times in a short period of time. The email was well crafted. The spammer took a lot of time to create an email that appeared to originate from American Express. How the spammer targeted me, I will never know. The hacker even took the time to set up a phishing website to go along with the email. I identified the email as spam right away, so I did not click on any of the links thus I never saw the phishing website. I have little doubt it would have prompted me for an American Express account number or password, if I had one.
A Plain Text Phishing Example
The other phishing email I received in the same week (they were busy!) was what I call a simple spam. The sender did not take the time to embed fancy graphics or swipe graphics from a legitimate website. This phishing email example was just done in plain text, designed to avoid the watchful eyes of antivirus software. There were no links to select and no spammy words to get caught up by spam filters. This phishing email example was a straight-out threat to expose me online unless I transferred some cryptocurrency. The sender assumed I had a cryptocurrency wallet or even knew how to transfer cryptos to is his wallet. My guess is this one was not so lucrative for the sender.
Netflix Phishing Email Example
In November 2017, Netflix subscribers were hit with a phishing email scam asking them to reset their account passwords. The password reset, of course failed, and next user was then prompted to enter in a new password along with billing information to make sure there was no interruption of service. How convenient! All of this was an elaborate phishing email scam to nab credit card numbers. All totaled, the email went out to 50 million Netflix Subscribers!
Equifax had one of the largest data beaches in US history in 2017. It was complimented with a phishing website that directed users to enter login credentials. At one point, Equifax customer service accidentally sent already hacked customers to the spoof website. There was much more at risk in this phishing scam. Users’ entire credit history and loads of personal data is contained in a credit bureau report.
Gmail Spear Phishing Example
Even Google is not immune to phishing emails. In this phishing example, Google Gmail users were hit with a Gmail phishing attack. This especially crafty spear phishing email directed readers to send banking information. Again, the common goal of trying to get paid by spamming unsuspecting email recipients was at work. Gmail quickly put the kibosh on this spear phishing attack. Why is this example referred to as spear phishing? Because it was targeted at specific readers, naming them as the email recipient. In addition, the phishing email appeared to be sent from someone the recipient knew personally.
Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers