50+ Phishing Email Examples from Real Life Phishing Attacks (2009-2020)

Phishing Email Examples ojoiszy

In a previous post, I classified the endless phishing varieties into 3 broad categories based upon the end goal of the phishing scam. Those were the credential-based, action-based, and malware-based phishing scams.

Here in this post, I have sorted under these 3 categories a meticulously curated list of actual examples of phishing emails that I gathered from all around the web, exactly as they were sent in real-life phishing attacks.

Related: What is Phishing? Types and Categories of Phishing Attacks

There is nothing that can make you grab a better understanding of a concept more than an example from a real-life situation. If you are ready, let’s dive in.

Credential Based Phishing Category

Credential based phishing scams target the usernames & passwords, bank and credit card numbers, and other personally identifiable information (PII) of their victims.

For these, malicious actors have a number of very common themes they like to use to steal victims’ account credentials.

Here are some of those themes and the very common phishing email examples that fall under them:

A. Financial and Payment Services Theme

Financial themes are a huge favorite of Phishers for two reasons. The response rate to the emails are high. Secondly, they very quickly reach the actualization of the phishing goal—which is the aquisiton of the account details, usernames, and passwords of their victims that will enable them empty the accounts.

Almost everyone makes use of some financial institution or online payment service and thus would promptly open and typically respond to a notice from any such institution.

Phishers are aware of this hence the reason for the countless varieties of financial phish themes. Some of the most common financial phish themes include the following:

  • There has been a number of invalid or suspicious login attempts on your account.
  • Your account has been suspended, locked or disabled.
  • Your account details are missing, incorrect or needs updating.
  • You are overdue on paying taxes or for a tax refund.

Now here are a few real-life examples of phishing emails in the wild using these financial themes to steal account credentials.

1. Wells Fargo phishing email examples

Wells Fargo Phishing Email Example 1
Wells Fargo Phishing Email Example 1 – source
Wells Fargo Phishing Email Example 2
Wells Fargo Phishing Email Example 2 – source
Wells Fargo Spear Phishing Email Example 3
Wells Fargo Spear Phishing Email Example 3 – source
Wells Fargo SMiShing Phishing Example 4
Wells Fargo SMiShing Phishing Example 4 – source

2. Bank of America phishing email examples

Bank of America Phishing Email Example 1
Bank of America Phishing Email Example 1 – source
Bank of America Phishing Email Example 2
Bank of America Phishing Email Example 2 – source
Bank of America Phishing Email Example 3
Bank of America Phishing Email Example 3 – source
Bank of America Phishing Email Example 4
Bank of America Phishing Email Example 4 – source
Bank of America SMiShing Example 5
Bank of America SMiShing Example 5 – source

3. PayPal phishing email examples

PayPal General Phishing Example 1
PayPal (General) Phishing Example 1 – source
PayPal General Phishing Example 2
PayPal (General) Phishing Example 2 – source
PayPal Phishing Example Spear Phish
PayPal (Spear) Phishing Example 3 – source

4. Turbotax (tax filing) phishing email examples

TurboTax Credential Spear Phish Example 1
TurboTax Credential (Spear) Phish Example 1 – source
TurboTax Credential General Phish Example 2
TurboTax Credential (General) Phish Example 2 – source

5. IRS (tax refund) phishing email examples

IRS Credential General Phish Example 1
IRS Credential (General) Phish Example 1 – source
IRS Credential General Phish Example 2
IRS Credential (General) Phish Example 2 – source
IRS Credential Spear Phish Example 3
IRS Credential (Spear) Phish Example 3 – source
IRS SMS Phish Example 4
IRS SMS Phish Example 4 – source
IRS Credential Spear Phish Example 5
IRS SSN (Spear) Phish Example 5 – source

6. Amazon phishing email examples

Amazon Credential General Phish Example 1
Amazon Credential (General) Phish Example 1 – source
Amazon Credential or Malware Phish Example 2
Amazon Credential or Malware Phish Example 2 – source
Amazon Fake Order Tracking Credential Phishing Example 3
Amazon Fake Order Tracking Credential Phishing Example 3 – source

B. Social Media Threats Themes

Phishing attacks leveraging social media as it’s delivery, distribution, and target acquisition channel is another common theme we are seeing more in the wild these recent times.

In fact, the honorable folks at the Anti-Phishing Working Group (APWG) describe this as the Modern Face of Phishing.

So it would seem normal when you get an email purporting to be from one of these social media services notifying you of a friend request or asking you to check out a link.

This could just be a phishing email targeting your account credentials. Some common social media phish themes you may see include:

  • You have a new friend request or connection invitation
  • You have important pending notifications
  • Someone shared a document with you
  • You have violated terms of service

Below are some of the actual examples of phishing emails that are being sent around using the above themes.

7. Facebook phishing email examples

Facebook Phishing Email Example 1
Facebook Phishing Email Example 1 – source
Facebook Phishing Email Example 2
Facebook Phishing Email Example 2 – source
Facebook Phishing Email Example 3
Facebook Phishing Email Example 3 – source

8. Linkedin phishing email examples

Linkedin Phishing Email Example 1
Linkedin Phishing Email Example 1 – source
Linkedin Phishing Email Example 2
Linkedin Phishing Email Example 2 – source
Linkedin Phishing Email Example 3
Linkedin Phishing Email Example 3 – source
Linkedin Phishing Email Example 4
Linkedin Phishing Email Example 4 – source

9. Google Docs phishing email examples

Google YouTube Phishing Email Example 1
Google YouTube Phishing Email Example 1 – source
Google YouTube Phishing Email Example 2
Google YouTube Phishing Email Example 2 – source
Google Drive Phishing Email Example 3
Google Drive Phishing Email Example 3 – source
Google Gmail Phishing Email Example 4
Google Gmail Phishing Email Example 4 – source
Google Gmail Phishing Email Example 5
Google Gmail Phishing Email Example 5 – source

10. Microsoft phishing email examples

Microsoft Phishing Email Example 1
Microsoft Phishing Email Example 1 – source
Microsoft Phishing Email Example 2
Microsoft Phishing Email Example 2 – source
Microsoft Macros Phishing Email Example 3
Microsoft Macros Phishing Email Example 3 – source
Microsoft VBS Phishing Email Example 4
Microsoft VBS Phishing Email Example 4 – source
Microsoft Phishing Email Example 5
Microsoft Phishing Email Example 5 – source

Action Based Phishing Category

Action based phishing scams are designed to target victims with the sole purpose of manipulating them to take a compromising action which will bring an IMMEDIATE gratification or profit to the attacker.

Again, malicious actors have a number of very common themes that have proven highly successful in eliciting actions from unsuspecting victims.

Here are some of those themes and real life phishing emails that fall in this category:

A. CEO Fraud Theme

CEO Fraud or BEC scams as the FBI likes to call it is a term we use to describe the attack where malicious hackers send phishing emails pretending to be a top executive (usually the CEO, CTO, CFO) of a company in an attempt to trick or fool lower-level employees in the finance and accounting departments to make wire transfers of company funds thinking they were acting on the orders of that executive.

5 Common Attack Scenarios in a CEO Fraud or BEC Scam according to the FBI are:

  1. Business working with a foreign supplier: This scam takes advantage of a long-standing wire-transfer relationship with a supplier, but asks for the funds to be sent to a different account. 
  2. Business receiving or initiating a wire transfer request: By compromising and/or spoofing the email accounts of top executives, another employee receives a message to transfer funds somewhere, or a financial institution receives a request from the company to send funds to another account. These requests appear genuine as they come from the correct email address. 
  3. Business contacts receiving fraudulent correspondence: By taking over an employee’s email account and sending invoices out to company suppliers, money is transferred to bogus accounts. 
  4. Executive and attorney impersonation: The fraudsters pretend to be lawyers or executives dealing with confidential and time-sensitive matters. 
  5. Data theft: Fraudulent emails request either all wage or tax statement (W-2) forms or a company list of personally identifiable information (PII). These come from compromised and/or spoofed executive email accounts and are sent to the HR department, accounts or auditing departments.

11. BEC phishing email examples

BEC Scam Email Example 1
BEC Scam Email Example 1 – source
BEC Scam Email Example 2
BEC Scam Email Example 2 – source
BEC Scam Email Example 3
BEC Scam Email Example 3 – source
BEC Scam Email Example 4
BEC Scam Email Example 4 – source
BEC Scam Email Example 5
BEC Scam Email Example 5 – source

B. Current or High-profile Events Theme

Current events or high-profile events scams are scams where heartless scammers that lack human empathy use tragedy affecting a lot of people as an opportunity to steal from the bereaved and highly emotionally grieved masses.

Examples are when a national disaster such as a hurricane, earthquake, landslide, typhoon, or this current COVID-19 pandemic strikes, malicious actors swing into action to cash out of the situation.

It’s so sad to know that not everyone who sees these horrors feel empathy for their fellow man.

Some of the ways we’ve seen malicious people take advantage of the disasters is by:

  • Phishing users with fake charity websites asking for donations via credit card or bank transfers.
  • Vishing people with a realistic pretext that matches the current situation.
  • Going in person from house-to-house actually knocking on doors and soliciting people give them claiming it’s for assistance for the victims of the disaster.

Phew! That’s a lot to swallow for you I believe. But it’s happening and it working great for these heartless scammers.

Below are a few real life examples of these kind of phishing emails.

12. California Wildfire phishing email example

California Wildfires Phishing Email Example 1
California Wildfires Phishing Email Example 1 – source

13. Haiti Earthquake phishing email examples

Haiti Earthquake Phishing Email Example 1
Haiti Earthquake Phishing Email Example 1 – source
Haiti Earth Quake Phishing Email Example 2
Haiti Earth Quake Phishing Email Example 2 – source
Haiti Earthquake Phishing Email Example 3
Haiti Earthquake Phishing Email Example 3 – source

14. Coronavirus (COVID-19) phishing email examples

Coronavirus COVID 19 SMiShing example
Coronavirus COVID 19 SMiShing example – source
Coronavirus COVID 19 SMiShing example 2
Coronavirus COVID 19 SMiShing example 2 – source
Coronavirus COVID 19 Phishing Email Example 1
Coronavirus COVID 19 Phishing Email Example 1 – source
Coronavirus COVID 19 Phishing Email Example 2
Coronavirus COVID 19 Phishing Email Example 2 – source
Coronavirus COVID 19 Malware Spear phish
Coronavirus COVID 19 Malware Spear phish – source
Coronavirus COVID 19 Malware Spear phish example 2
Coronavirus COVID 19 Malware Spear phish example 2 – source

Exploit Based Phishing Category

Exploit based phishing scams are designed to load malware onto a victim’s computer or smartphone to gain persistent control over the device in order to get a foot in the door to launch more sinister attacks.

Here are some of the themes and real world phishing email examples in this category:

15. RSA phishing email example

I will be doing this section a huge disservice if I didn’t mention the RSA phishing that took place in 2009. This is an epic example of a malware based phishing attack.

RSA Malware Phish
RSA Malware Phish – source

16. Ransomware phishing email examples

Ransomware Phishing Email Example 1
Ransomware Phishing Email Example 1 – source
Ransomware Phishing Email Example 2
Ransomware Phishing Email Example 2 – source
Ransomware Phishing Email Example 3
Ransomware Phishing Email Example 3 – source
Ransomware Phishing Email Example 4
Ransomware Phishing Email Example 4 – source

Note: In this post, I tried to put these examples of phishing emails under categories and theme headings, but that was only to aid understanding. IT IS NOT A RULE!!! Credential Phishing Themes could also be used to send a malware-based or action-based phish, and vice versa.

Adversaries are not bounded by rules nor do they respect themes or categorization boundaries. They want to craft anything that would strike the cord and ensure their phishing campaign climaxes in success. So please be aware of this!

Conclusion

There you have it, 50+ phishing email examples from real-world attacks. I’m sure you are shocked and short of words right now seeing the extent cybercriminals could take their malicious craft to, especially if you’ve been oblivious of cyber security matters.

The problem of phishing is a BIG one because it not only uses technological weapons, it also attacks one’s psychology and emotions too.

Well, it’s not all gloom & doom, because something can actually be done about this problem of phishing. And that is to provide internet users with sufficient awareness, quality training & education that is complete with “teachable moments” (like I have done here by using real-life examples to explain phishing).

Thank you for reading. Would you please share this post with your friends & colleagues? Because you’d be helping them too to get that teachable moment I talked about!

Don’t miss: 10+ Phishing Prevention Tips: How to Avoid Phishing Scams

0 0 vote
Article Rating
Subscribe
Notify of
guest
96 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
trackback

Google

Every once in a when we decide on blogs that we study. Listed beneath are the most up-to-date web pages that we decide on.

trackback

find a builder

[…]the time to study or go to the content or internet sites we have linked to beneath the[…]

trackback

rabbit toy for women

[…]that may be the finish of this write-up. Here you will come across some sites that we believe you’ll appreciate, just click the hyperlinks over[…]

trackback

blogcaodep.com

[…]the time to study or visit the material or web sites we’ve linked to below the[…]

trackback

all vape stores online

[…]here are some hyperlinks to websites that we link to mainly because we think they may be worth visiting[…]

trackback

orbit sprinkler system

[…]Wonderful story, reckoned we could combine a couple of unrelated data, nevertheless truly really worth taking a appear, whoa did one understand about Mid East has got additional problerms at the same time […]

trackback

Gerüstbau

[…]we came across a cool internet site which you could appreciate. Take a look for those who want[…]

trackback

best to buy

[…]that would be the end of this report. Here you will discover some web pages that we believe you’ll enjoy, just click the links over[…]

trackback

sývý klor

[…]always a major fan of linking to bloggers that I really like but really don’t get quite a bit of link really like from[…]

trackback

havuz ekipmanlarý

[…]always a large fan of linking to bloggers that I love but don’t get a good deal of link love from[…]

trackback

sweetiehouse.vn

[…]always a huge fan of linking to bloggers that I adore but do not get a whole lot of link like from[…]

trackback

Pomsky Puppies For Sale

[…]Here are a few of the sites we recommend for our visitors[…]

trackback

Shotguns

[…]here are some hyperlinks to web-sites that we link to for the reason that we consider they may be worth visiting[…]

trackback

fluorococaine

[…]very handful of internet websites that happen to become detailed beneath, from our point of view are undoubtedly well really worth checking out[…]

trackback

Pc hilfe kempraten

[…]Here is an excellent Blog You may Locate Fascinating that we Encourage You[…]

trackback

MACHINE GUNS FOR SALE

[…]very handful of web sites that come about to be in depth below, from our point of view are undoubtedly very well worth checking out[…]

trackback

Magic Mush Rooms

[…]below you will locate the link to some websites that we consider you ought to visit[…]

trackback

Google

Check beneath, are some completely unrelated websites to ours, on the other hand, they may be most trustworthy sources that we use.

trackback

cheap kittens for sale

[…]that could be the end of this write-up. Here you’ll locate some web-sites that we think you’ll enjoy, just click the links over[…]

trackback

REAL COUNTERFEIT MONEY FOR SALE ONLINE

[…]we came across a cool web page that you might appreciate. Take a look in the event you want[…]

trackback

blue nose pitbull puppies for sale

[…]The information talked about in the report are a number of the most effective readily available […]

trackback

Reformhaus

[…]one of our visitors not long ago recommended the following website[…]

trackback

google marketing Hrdf training

[…]Wonderful story, reckoned we could combine a number of unrelated data, nevertheless really worth taking a look, whoa did a single find out about Mid East has got a lot more problerms as well […]

trackback

Tenuate retard

[…]very few internet websites that occur to be comprehensive beneath, from our point of view are undoubtedly effectively worth checking out[…]

trackback

thc vape juice

[…]Sites of interest we’ve a link to[…]

trackback

Fish scale cocaine

[…]that will be the end of this report. Here you will come across some sites that we think you will appreciate, just click the links over[…]

trackback

University kenya

[…]here are some hyperlinks to web pages that we link to because we consider they are worth visiting[…]

trackback

herbal incense for sale

[…]the time to read or stop by the material or websites we’ve linked to beneath the[…]

trackback

Buy Opana 40mg online

[…]Every when in a though we pick blogs that we read. Listed beneath are the most current web-sites that we choose […]

trackback

brazzers

[…]Here is an excellent Blog You may Find Intriguing that we Encourage You[…]

trackback

Customised hi vis UK.

[…]Every as soon as inside a while we opt for blogs that we study. Listed beneath would be the most up-to-date web sites that we choose […]

trackback

learn more

[…]Here is a good Blog You may Come across Fascinating that we Encourage You[…]

trackback

Relevant

[…]although web sites we backlink to beneath are considerably not related to ours, we feel they’re actually worth a go via, so possess a look[…]

trackback

bitcoins online

[…]usually posts some quite exciting stuff like this. If you’re new to this site[…]

trackback

CARGO CRUISE

[…]Every the moment in a even though we select blogs that we read. Listed below would be the newest web-sites that we opt for […]

trackback

bitcoin canada

[…]below you’ll locate the link to some web pages that we believe you must visit[…]

trackback

Buy Viagra gold online

[…]the time to read or visit the content or websites we’ve linked to beneath the[…]

trackback

Buy Atarax 25mg online

[…]always a significant fan of linking to bloggers that I really like but don’t get quite a bit of link enjoy from[…]

trackback

TOYOTA

[…]Every once in a although we opt for blogs that we study. Listed below are the most up-to-date web pages that we pick out […]

trackback

Buy weed online

[…]we came across a cool website that you might appreciate. Take a appear in case you want[…]

trackback

NORCO PILLS 10/325mg

[…]we like to honor lots of other internet sites on the internet, even though they aren’t linked to us, by linking to them. Underneath are some webpages really worth checking out[…]

trackback

real feel dildos

[…]Every when in a although we pick out blogs that we study. Listed beneath are the most up-to-date web-sites that we pick […]

trackback

우리카지노

[…]check beneath, are some entirely unrelated web sites to ours, even so, they’re most trustworthy sources that we use[…]

trackback

퍼스트카지노

[…]please check out the web-sites we comply with, such as this one, because it represents our picks from the web[…]

trackback

singapore cloud accounting

[…]although internet websites we backlink to below are considerably not related to ours, we feel they are basically worth a go by means of, so possess a look[…]

trackback

BUY OPANA 40 MG ONLINE

[…]one of our guests not too long ago recommended the following website[…]

trackback

Jungle boys Orange Daiquiri

[…]The info mentioned in the report are a few of the ideal accessible […]

trackback

Buy Methadone Wafers Online

[…]Sites of interest we’ve a link to[…]

trackback

샌즈카지노

[…]please take a look at the internet sites we follow, like this one particular, because it represents our picks in the web[…]

trackback

메리트카지노

[…]very few web-sites that come about to become comprehensive below, from our point of view are undoubtedly well worth checking out[…]

96
0
Would love your thoughts, please comment.x
()
x
Scroll to Top