What Does a Phishing Email Look Like?

a laptop with a hacker's face mask

Phishing email scams are a growing threat that continues to impact companies, despite the use of advanced security tools. Phishing is a form of social engineering attack where the perpetrator uses impersonation to deceive the victim into divulging sensitive information, transferring funds, or downloading malicious software.

According to a recent report by cybersecurity firm SlashNext, there has been a staggering 1,265% increase in malicious phishing emails since the fourth quarter of 2022, with a 967% surge in credential phishing specifically. Cybercriminals target credentials for various nefarious purposes, such as gaining unauthorized access to email accounts to steal personal or corporate data, committing identity theft, or carrying out fraudulent transactions.

The key to defending against phishing attacks is awareness and knowing how to identify suspicious emails to avoid falling victim. There are several red flags to watch out for, including:

The email claims there is a problem with your payment information

Fake Netflix emails
Fake Netflix emails

Fraudsters often pose as customer service representatives from fintech companies, banks, or popular online streaming services such as Amazon Prime Video or Netflix. They will inform you that your payment has been declined or that your account has been compromised. One prevalent scheme is the Netflix login attempt scam, where you may receive an email alerting you to an unauthorized login attempt or suspicious account activity. These deceptive emails are designed to trick individuals into divulging personal information under false pretenses.

Another common tactic is the Netflix account suspension scam. In this phishing scheme, scammers impersonate Netflix and claim that your account has been suspended. The message typically cites an issue with your billing information and includes a link for you to verify or renew your account. However, clicking on the link in the email will redirect you to a counterfeit Netflix website created to steal your personal information or money. These phishing emails are meticulously crafted to mimic authentic Netflix communications, making it easy for unsuspecting users to fall prey to the scam.

If you receive an email alleging a problem with your payment information and you have not authorized any payments, it is likely a phishing attempt. Stay vigilant and avoid clicking on any suspicious links or providing personal information in response to unsolicited emails. Remember, legitimate companies will never ask you to disclose sensitive information via email. If in doubt, contact the company directly through their official website or customer service hotline to verify the authenticity of the communication.

The email asks you to confirm financial or personal information

In August 2022, a Colorado woman, Amber Torres, issued a cautionary alert after narrowly avoiding falling victim to a text scam involving Netflix. According to a report by Denver7, Torres received a message claiming that Netflix was unable to process her payment. The message included a link prompting her to re-enter her payment information, but Torres sensed that something was amiss.

This type of message is known as a financial account confirmation scam and is also commonly sent via emails. The primary goal of this phishing campaign is to obtain personal data. The email may include a link to a website that appears legitimate, but is actually fraudulent. This website link may ask for sensitive information such as account numbers, user names, passwords, or other confidential details. You should note that providing such information can be extremely risky as it can easily fall into the hands of scam artists.

For this reason, reputable institutions such as banks, health insurance companies, and merchants will never ask you for this kind of information over the phone or via emails.

The email tells you that they’ve noticed suspicious activity on your account

Fraudsters employ a variety of tactics to prompt a reaction from individuals. Informing someone that their account has been compromised can evoke feelings of anxiety, leading victims to comply with a scammer's demands out of fear. This type of fraudulent activity is known as phishing, where scammers impersonate legitimate entities, such as a bank, in order to deceive individuals.

For instance, you may receive an email claiming to be from your bank, alerting you to suspicious activity in your account. The email may request that you verify your identity by providing sensitive information, such as your account number, password, and any two-factor authentication details. Once this information is obtained, the scammer gains control of your bank account and can potentially drain it of funds.

If you encounter such an email, it is crucial not to fall victim to the scam. Instead, contact your bank directly to verify the legitimacy of the email and to review recent transactions for any signs of unauthorized activity.

The email includes a fake invoice


One common phishing tactic involves sending fraudulent invoices via email. Many recipients are often intrigued by unexpected charges and may feel compelled to dispute them by clicking on links provided by scammers. Invoice scams typically occur when account details on an invoice are altered or when emails are intercepted, resulting in funds being mistakenly transferred to the scammer's account. Despite no actual products being delivered, fake invoices are still issued, requesting payment to be made to the scammer.

Examples of invoice scams include CEO email fraud, where a criminal impersonates a high-ranking individual within a company, such as the CEO, and requests immediate payment for an invoice. Another example is overdue invoice scams, where a fake supplier sends an invoice to a business claiming that goods were purchased and payment is now overdue.

The email offers an incredible discount or free product

There are numerous fraudulent websites that falsely advertise products at incredibly low prices, only to deliver counterfeit or substandard goods, or even nothing at all. As the saying goes, if something seems too good to be true, it probably is. This rings especially true when it comes to free items offered online, as they are often a front for phishing scams.

To protect yourself from falling victim to these deceptive practices, it is crucial to refrain from paying for coupons or coupon books, as legitimate ones are typically distributed free of charge. Exercise caution if a friend forwards you an email containing coupons, particularly if they promise high-value discounts or free products, as these are likely to be counterfeit.

Furthermore, be vigilant when it comes to clicking on suspicious links, as they may contain malware that can compromise the security of your computer or phone. This malicious software can enable fraudsters to access sensitive information such as account numbers and passwords.

The email says that you’re qualified for a government refund

In the United States, the Internal Revenue Service (IRS) does not initiate contact with taxpayers via email, text messages, or social media platforms to request personal or financial information. Similarly, in the UK, His Majesty's Revenue & Customs (HMRC) will never send notifications via email regarding tax rebates or refunds. Likewise, in Canada, the Canada Revenue Agency (CRA) does not reach out to citizens via email promising tax returns in exchange for personal information. 

Unfortunately, there are numerous tax refund phishing emails circulating that entice individuals with the promise of a tax refund in exchange for personal information, which is then used for fraudulent purposes. These scams are particularly prevalent in the US during late spring and early summer when individuals are anticipating refund checks and are more susceptible to believing that emails regarding refunds are legitimate communications from the IRS.

If you receive an email of this nature, it is imperative that you do not respond or click on any links provided.

The email includes an urgent call to action

You should exercise caution when receiving emails that demand immediate action, such as clicking, calling, or opening attachments. Oftentimes, these emails will pressure you to act quickly in order to claim a reward or avoid a penalty. This tactic of creating a false sense of urgency is a common strategy used in phishing attacks and scams. The goal is to prevent you from taking the time to carefully consider the legitimacy of the email or seek advice from a trusted source.

When faced with a message urging immediate action, it is advisable to pause and carefully examine the contents of the email. One good practice is to hover over any links included in the email to preview the destination URL. This can help you determine if the link is legitimate or if it may lead to a malicious website. Clicking on links in phishing emails can potentially compromise your Personally Identifiable Information (PII), so it is best to err on the side of caution.

If you suspect an email is a phishing attempt, it is recommended to delete the email immediately to prevent any accidental clicks in the future. Additionally, refrain from downloading any attachments that accompany suspicious emails.

The email uses unfamiliar greetings

Many scammers utilize phishing campaigns to target a wide audience. These campaigns often begin with generic greetings such as "Dear valued member," "Sir or Madam," "Dear account holder," or "Dear customer," as scammers do not have specific information about their targets. Legitimate companies, on the other hand, would address you by name and provide instructions to contact them via phone if necessary.

It is concerning that some hackers now use AI tools like ChatGPT to generate large volumes of phishing content quickly and easily.


The email is sent from a public email domain

Legitimate companies typically use domain emails, such as '@amazon.com', rather than public email domains like '@gmail.com' or '@Yahoo.com'. To verify the authenticity of an email, hover your mouse over the 'from' address and ensure that no alterations have been made, such as additional numbers or letters. For instance, emails from Amazon will always come from '@amazon.com', not '@amazon23.com'.

One of the most common signs of a phishing email is the use of a public email domain, like '@gmail.com'.

PayPal phishing email

Take the above screenshot for example. It is evident that the sender's email address does not match the content of the message, which purports to be from PayPal.
Previous Post Next Post