50+ Phishing Email Examples from Real Life Phishing Attacks (2009-2020)


In a previous post, I classified the endless phishing varieties into 3 broad categories based upon the end goal of the phishing scam. Those were the credential-based, action-based, and malware-based phishing scams.

Here in this post, I have sorted under these 3 categories a meticulously curated list of actual examples of phishing emails that I gathered from all around the web, exactly as they were sent in real-life phishing attacks.

Related: What is Phishing? Types and Categories of Phishing Attacks

Nothing helps you understand a concept better than an example from a real-life situation. If you are ready, let’s dive in.

Credential Based Phishing Category

Credential based phishing scams target the usernames & passwords, bank and credit card numbers, and other personally identifiable information (PII) of their victims.

For these, malicious actors have a number of very common themes they like to use to steal victims’ account credentials.

Here are some of those themes and the very common phishing email examples that fall under them:

A. Financial and Payment Services Theme

Financial themes are a huge favorite of phishers for two reasons. First, the response rate to the emails is high. Second, they very quickly achieve the phishing goal, which is the acquisition of the account details, usernames, and passwords of their victims that will enable them to empty the accounts.

Almost everyone makes use of some financial institution or online payment service and thus would promptly open and typically respond to a notice from any such institution.

Phishers are aware of this, which is the reason for the countless varieties of financial phish themes. Some of the most common financial phish themes include the following:

  • There have been a number of invalid or suspicious login attempts on your account.
  • Your account has been suspended, locked or disabled.
  • Your account details are missing, incorrect or need updating.
  • You are overdue on paying taxes or due for a tax refund.

Now here are a few real-life examples of phishing emails in the wild using these financial themes to steal account credentials.

1. Wells Fargo phishing email examples

Wells Fargo Phishing Email Example 1 – source
Wells Fargo Phishing Email Example 2 – source
Wells Fargo Spear Phishing Email Example 3 – source
Wells Fargo SMiShing Phishing Example 4 – source

2. Bank of America phishing email examples

Bank of America Phishing Email Example 1 – source
Bank of America Phishing Email Example 2 – source
Bank of America Phishing Email Example 3 – source
Bank of America Phishing Email Example 4 – source
Bank of America SMiShing Example 5 – source

3. PayPal phishing email examples

PayPal (General) Phishing Example 1 – source
PayPal (General) Phishing Example 2 – source
PayPal (Spear) Phishing Example 3 – source

4. TurboTax (tax filing) phishing email examples

TurboTax Credential (Spear) Phish Example 1 – source
TurboTax Credential (General) Phish Example 2 – source

5. IRS (tax refund) phishing email examples

IRS Credential (General) Phish Example 1 – source
IRS Credential (General) Phish Example 2 – source
IRS Credential (Spear) Phish Example 3 – source
IRS SMS Phish Example 4 – source
IRS SSN (Spear) Phish Example 5 – source

6. Amazon phishing email examples

Amazon Credential (General) Phish Example 1 – source
Amazon Credential or Malware Phish Example 2 – source
Amazon Fake Order Tracking Credential Phishing Example 3 – source

B. Social Media Threats Themes

Phishing attacks that leverage social media as their delivery, distribution, and target acquisition channel are another common theme we have been seeing more of in the wild recently.

In fact, the honorable folks at the Anti-Phishing Working Group (APWG) describe this as the Modern Face of Phishing.

So it would seem normal when you get an email purporting to be from one of these social media services notifying you of a friend request or asking you to check out a link.

This could just be a phishing email targeting your account credentials. Some common social media phish themes you may see include:

  • You have a new friend request or connection invitation
  • You have important pending notifications
  • Someone shared a document with you
  • You have violated terms of service

Below are some of the actual examples of phishing emails that are being sent around using the above themes.

7. Facebook phishing email examples

Facebook Phishing Email Example 1 – source
Facebook Phishing Email Example 2 – source
Facebook Phishing Email Example 3 – source

8. LinkedIn phishing email examples

LinkedIn Phishing Email Example 1 – source
LinkedIn Phishing Email Example 2 – source
LinkedIn Phishing Email Example 3 – source
LinkedIn Phishing Email Example 4 – source

9. Google Docs phishing email examples

Google YouTube Phishing Email Example 1 – source
Google YouTube Phishing Email Example 2 – source
Google Drive Phishing Email Example 3 – source
Google Gmail Phishing Email Example 4 – source
Google Gmail Phishing Email Example 5 – source

10. Microsoft phishing email examples

Microsoft Phishing Email Example 1 – source
Microsoft Phishing Email Example 2 – source
Microsoft Macros Phishing Email Example 3 – source
Microsoft VBS Phishing Email Example 4 – source
Microsoft Phishing Email Example 5 – source

Action Based Phishing Category

Action based phishing scams are designed to target victims with the sole purpose of manipulating them into taking a compromising action that will bring IMMEDIATE gratification or profit to the attacker.

Again, malicious actors have a number of very common themes that have proven highly successful in eliciting actions from unsuspecting victims.

Here are some of those themes and real life phishing emails that fall in this category:

A. CEO Fraud Theme

CEO Fraud, or BEC scams as the FBI likes to call them, is the term we use for attacks where malicious hackers send phishing emails pretending to be a top executive (usually the CEO, CTO, CFO) of a company. The aim is to trick lower-level employees in the finance and accounting departments into making wire transfers of company funds, thinking they are acting on the orders of that executive.

5 Common Attack Scenarios in a CEO Fraud or BEC Scam according to the FBI are:

  1. Business working with a foreign supplier: This scam takes advantage of a long-standing wire-transfer relationship with a supplier, but asks for the funds to be sent to a different account. 
  2. Business receiving or initiating a wire transfer request: By compromising and/or spoofing the email accounts of top executives, another employee receives a message to transfer funds somewhere, or a financial institution receives a request from the company to send funds to another account. These requests appear genuine as they come from the correct email address. 
  3. Business contacts receiving fraudulent correspondence: By taking over an employee’s email account and sending invoices out to company suppliers, money is transferred to bogus accounts. 
  4. Executive and attorney impersonation: The fraudsters pretend to be lawyers or executives dealing with confidential and time-sensitive matters. 
  5. Data theft: Fraudulent emails request either all wage or tax statement (W-2) forms or a company list of personally identifiable information (PII). These come from compromised and/or spoofed executive email accounts and are sent to the HR department, accounts or auditing departments.
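A header and content check for scenarios 2 and 5 above, as an added example that is not part of the original post. The protected domain, executive roster, keyword list and all three messages are constructed assumptions; the third message shows the limit the FBI list points out, where a hijacked account sends from the correct address and only the content signal fires.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumptions (hypothetical, not from the post): domain, roster, keywords.
ORG_DOMAIN = "example.com"
EXECUTIVES = {"dana reyes", "sam okafor"}
REQUEST_TERMS = ("wire transfer", "w-2", "bank details", "new account")

def domain_of(header_value):
    """Lower-cased domain of the address in a From/Reply-To header."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def bec_signals(raw_message):
    """Return the BEC indicators present in one single-part text message."""
    msg = message_from_string(raw_message)
    name = parseaddr(msg.get("From", ""))[0].strip().lower()
    from_dom = domain_of(msg.get("From"))
    reply_dom = domain_of(msg.get("Reply-To"))
    text = (msg.get("Subject", "") + "\n" + msg.get_payload()).lower()
    signals = []
    # Spoofing: an executive's name attached to an address outside the org.
    if name in EXECUTIVES and from_dom != ORG_DOMAIN:
        signals.append("executive display name on external domain")
    # Replies silently diverted to a mailbox the attacker controls.
    if reply_dom and reply_dom != from_dom:
        signals.append("reply-to domain differs from sender domain")
    # Funds or W-2/PII request: the only signal a hijacked account leaves.
    if any(term in text for term in REQUEST_TERMS):
        signals.append("payment or W-2 request")
    return signals

# Constructed sample messages (not real phishing emails).
SPOOFED = """\
From: Dana Reyes <ceo@mail-example.test>
Reply-To: dana.reyes@freemail.test
To: payroll@example.com
Subject: Urgent and confidential

Please send me all employee W-2 forms today.
"""
HIJACKED = """\
From: Dana Reyes <dana.reyes@example.com>
To: accounts@example.com
Subject: Supplier payment

Please process a wire transfer to the new account below before noon.
"""
LEGIT = """\
From: Dana Reyes <dana.reyes@example.com>
To: payroll@example.com
Subject: Lunch

Are we still on for Friday?
"""
```

Because a hijacked account passes every header check, a flagged payment request still needs confirmation through a second channel before any funds move.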

11. BEC phishing email examples

BEC Scam Email Example 1 – source
BEC Scam Email Example 2 – source
BEC Scam Email Example 3 – source
BEC Scam Email Example 4 – source
BEC Scam Email Example 5 – source

B. Current or High-profile Events Theme

Current events or high-profile events scams are scams where heartless scammers who lack human empathy use a tragedy affecting a lot of people as an opportunity to steal from the bereaved and grieving masses.

For example, when a national disaster such as a hurricane, earthquake, landslide, typhoon, or this current COVID-19 pandemic strikes, malicious actors swing into action to cash in on the situation.

It’s so sad to know that not everyone who sees these horrors feels empathy for their fellow man.

Some of the ways we’ve seen malicious people take advantage of disasters are:

  • Phishing users with fake charity websites asking for donations via credit card or bank transfers.
  • Vishing people with a realistic pretext that matches the current situation.
  • Going in person from house to house, actually knocking on doors and soliciting people to give, claiming it’s for assistance for the victims of the disaster.

Phew! That’s a lot to swallow for you, I believe. But it’s happening and it is working great for these heartless scammers.

Below are a few real-life examples of this kind of phishing email.

12. California Wildfire phishing email example

California Wildfires Phishing Email Example 1 – source

13. Haiti Earthquake phishing email examples

Haiti Earthquake Phishing Email Example 1 – source
Haiti Earthquake Phishing Email Example 2 – source
Haiti Earthquake Phishing Email Example 3 – source

14. Coronavirus (COVID-19) phishing email examples

Coronavirus COVID 19 SMiShing example – source
Coronavirus COVID 19 SMiShing example 2 – source
Coronavirus COVID 19 Phishing Email Example 1 – source
Coronavirus COVID 19 Phishing Email Example 2 – source
Coronavirus COVID 19 Malware Spear phish – source
Coronavirus COVID 19 Malware Spear phish example 2 – source

Exploit Based Phishing Category

Exploit based phishing scams are designed to load malware onto a victim’s computer or smartphone to gain persistent control over the device in order to get a foot in the door to launch more sinister attacks.

Here are some of the themes and real world phishing email examples in this category:

15. RSA phishing email example

I would be doing this section a huge disservice if I didn’t mention the RSA phishing that took place in 2009. This is an epic example of a malware based phishing attack.

RSA Malware Phish – source

16. Ransomware phishing email examples

Ransomware Phishing Email Example 1 – source
Ransomware Phishing Email Example 2 – source
Ransomware Phishing Email Example 3 – source
Ransomware Phishing Email Example 4 – source

Note: In this post, I tried to put these examples of phishing emails under categories and theme headings, but that was only to aid understanding. IT IS NOT A RULE!!! Credential Phishing Themes could also be used to send a malware-based or action-based phish, and vice versa.

Adversaries are not bound by rules, nor do they respect themes or categorization boundaries. They want to craft anything that would strike a chord and ensure their phishing campaign climaxes in success. So please be aware of this!

Conclusion

There you have it, 50+ phishing email examples from real-world attacks. I’m sure you are shocked and short of words right now seeing the extent to which cybercriminals can take their malicious craft, especially if you’ve been oblivious to cyber security matters.

The problem of phishing is a BIG one because it not only uses technological weapons, it also attacks one’s psychology and emotions.

Well, it’s not all gloom & doom, because something can actually be done about this problem of phishing. And that is to provide internet users with sufficient awareness, quality training & education that is complete with “teachable moments” (like I have done here by using real-life examples to explain phishing).

Thank you for reading. Would you please share this post with your friends & colleagues? Because you’d be helping them too to get that teachable moment I talked about!

Don’t miss: 10+ Phishing Prevention Tips: How to Avoid Phishing Scams
