In a previous post, I classified the endless phishing varieties into 3 broad categories based upon the end goal of the phishing scam. Those were the credential-based, action-based, and malware-based phishing scams.
Here in this post, I have sorted under these 3 categories a meticulously curated list of actual examples of phishing emails that I gathered from all around the web, exactly as they were sent in real-life phishing attacks.
There is nothing that can make you grab a better understanding of a concept more than an example from a real-life situation. If you are ready, let’s dive in.
- Credential Based Phishing Category
  - A. Financial and Payment Services Theme
    - 1. Wells Fargo phishing email examples
    - 2. Bank of America phishing email examples
    - 3. PayPal phishing email examples
    - 4. Turbotax (tax filing) phishing email examples
    - 5. IRS (tax refund) phishing email examples
    - 6. Amazon phishing email examples
  - B. Social Media Threats Themes
    - 7. Facebook phishing email examples
    - 8. Linkedin phishing email examples
    - 9. Google Docs phishing email examples
    - 10. Microsoft phishing email examples
- Action Based Phishing Category
  - A. CEO Fraud Theme
    - 11. BEC phishing email examples
  - B. Current or High-profile Events Theme
    - 12. California Wildfire phishing email example
    - 13. Haiti Earthquake phishing email examples
    - 14. Coronavirus (COVID-19) phishing email examples
- Exploit Based Phishing Category
Credential Based Phishing Category
Credential based phishing scams target the usernames & passwords, bank and credit card numbers, and other personally identifiable information (PII) of their victims.
For these, malicious actors have a number of very common themes they like to use to steal victims’ account credentials.
Here are some of those themes and the very common phishing email examples that fall under them:
A. Financial and Payment Services Theme
Financial themes are a huge favorite of phishers for two reasons. First, the response rate to these emails is high. Secondly, they very quickly achieve the goal of the phish: acquiring the account details, usernames, and passwords that will enable the attackers to empty the victims' accounts.
Almost everyone makes use of some financial institution or online payment service and thus would promptly open and typically respond to a notice from any such institution.
Phishers are aware of this, hence the countless varieties of financial phish themes. Some of the most common financial phish themes include the following:
- There have been a number of invalid or suspicious login attempts on your account.
- Your account has been suspended, locked or disabled.
- Your account details are missing, incorrect or need updating.
- You are overdue on paying your taxes, or a tax refund is waiting for you.
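The lure themes above are easy to turn into a triage check. The following is an added example, not code from the original post: it parses a raw email, looks for the lure phrases, and, when the display name or subject claims a financial brand, verifies that both the sender domain and every link in the body belong to that brand. The brand-to-domain table, the phrase list and the sample email are all constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Lure phrases matching the financial themes listed above (constructed list).
LURE_PHRASES = ("suspicious login", "invalid login", "account has been suspended",
                "account has been locked", "update your account",
                "verify your account", "tax refund", "overdue")
# Brand as written in From/Subject -> domains it may mail and link from (constructed).
BRAND_DOMAINS = {"wells fargo": {"wellsfargo.com"}, "paypal": {"paypal.com"},
                 "amazon": {"amazon.com"}, "irs": {"irs.gov"}}
HREF_RE = re.compile(r'href=["\'](https?://[^"\']+)["\']', re.I)

def in_domains(host, domains):  # exact brand domain or a subdomain of it
    return any(host == d or host.endswith("." + d) for d in domains)

def body_text(msg):  # decoded text parts; walk() also covers single-part mail
    return "\n".join(p.get_payload(decode=True).decode("utf-8", "replace")
                     for p in msg.walk()
                     if p.get_content_type() in ("text/plain", "text/html"))

def analyse(raw):  # findings for one raw RFC 822 message; [] means nothing found
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2].lower()
    body = body_text(msg)
    claimed = f"{display} {msg.get('Subject', '')}".lower()
    findings = []
    hits = [p for p in LURE_PHRASES if p in (claimed + " " + body.lower())]
    if hits:
        findings.append("lure phrases: " + ", ".join(hits))
    for brand, domains in BRAND_DOMAINS.items():
        if not re.search(rf"\b{brand}\b", claimed):
            continue  # the email does not claim to be from this brand
        if not in_domains(sender_domain, domains):
            findings.append(f"claims {brand} but sent from {sender_domain}")
        for url in HREF_RE.findall(body):
            host = (urlparse(url).hostname or "").lower()
            if not in_domains(host, domains):
                findings.append(f"link to {host} is not a {brand} domain")
    return findings

# Constructed sample using the "suspicious login" theme; not a real email.
PHISH = """\
From: "Wells Fargo Online" <alerts@wellsfargo-secure-login.example>
Subject: Suspicious login attempt on your account

Your account has been suspended. <a href="http://wf-verify.example/x">verify your account</a>
"""
```

Run `analyse(PHISH)` to see all three findings (lure phrases, lookalike sender domain, off-brand link host) for the sample; a genuine statement notice from the brand's own domain returns an empty list.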
Now here are a few real-life examples of phishing emails in the wild using these financial themes to steal account credentials.
1. Wells Fargo phishing email examples
2. Bank of America phishing email examples
3. PayPal phishing email examples
4. Turbotax (tax filing) phishing email examples
5. IRS (tax refund) phishing email examples
6. Amazon phishing email examples
B. Social Media Threats Themes
Phishing attacks leveraging social media as their delivery, distribution, and target-acquisition channel are another common theme we have been seeing more of in the wild recently.
In fact, the honorable folks at the Anti-Phishing Working Group (APWG) describe this as the Modern Face of Phishing.
So it would seem normal when you get an email purporting to be from one of these social media services notifying you of a friend request or asking you to check out a link.
This could just be a phishing email targeting your account credentials. Some common social media phish themes you may see include:
- You have a new friend request or connection invitation
- You have important pending notifications
- Someone shared a document with you
- You have violated terms of service
Below are some of the actual examples of phishing emails that are being sent around using the above themes.
7. Facebook phishing email examples
8. Linkedin phishing email examples
9. Google Docs phishing email examples
10. Microsoft phishing email examples
Action Based Phishing Category
Action based phishing scams are designed to target victims with the sole purpose of manipulating them to take a compromising action which will bring an IMMEDIATE gratification or profit to the attacker.
Again, malicious actors have a number of very common themes that have proven highly successful in eliciting actions from unsuspecting victims.
Here are some of those themes and real-life phishing emails that fall in this category:
A. CEO Fraud Theme
CEO Fraud, or BEC scams as the FBI likes to call them, is a term we use to describe the attack where malicious hackers send phishing emails pretending to be a top executive (usually the CEO, CTO or CFO) of a company, in an attempt to trick lower-level employees in the finance and accounting departments into making wire transfers of company funds, thinking they are acting on the orders of that executive.
The 5 common attack scenarios in a CEO Fraud or BEC scam, according to the FBI, are:
- Business working with a foreign supplier: This scam takes advantage of a long-standing wire-transfer relationship with a supplier, but asks for the funds to be sent to a different account.
- Business receiving or initiating a wire transfer request: By compromising and/or spoofing the email accounts of top executives, another employee receives a message to transfer funds somewhere, or a financial institution receives a request from the company to send funds to another account. These requests appear genuine as they come from the correct email address.
- Business contacts receiving fraudulent correspondence: By taking over an employee’s email account and sending invoices out to company suppliers, money is transferred to bogus accounts.
- Executive and attorney impersonation: The fraudsters pretend to be lawyers or executives dealing with confidential and time-sensitive matters.
- Data theft: Fraudulent emails request either all wage or tax statement (W-2) forms or a company list of personally identifiable information (PII). These come from compromised and/or spoofed executive email accounts and are sent to the HR department, accounts or auditing departments.
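The five scenarios share a few observable traits: an executive's name on a message that did not come from that executive's address, a Reply-To that silently redirects the conversation, a wire or W-2 request, and pressure to act now without a phone call. The following is an added example (not code from the original post or from the FBI) that scores a raw email on those traits; the company domain, the executive directory, the phrase lists and the sample message are all hypothetical. Note that when an executive's real account has been compromised, the header checks stay quiet and only the Reply-To, request and pressure rules can fire, so the content rules are deliberately kept independent of the sender checks.

```python
from email import message_from_string
from email.utils import parseaddr

INTERNAL_DOMAIN = "acme.example"                      # hypothetical company domain
EXECUTIVES = {"jane doe": "jane.doe@acme.example"}    # hypothetical exec directory
# Request phrases drawn from the FBI scenarios: wire/payment redirection, W-2 and PII.
REQUEST_PHRASES = ("wire transfer", "wire the", "new account details",
                   "change the bank", "updated bank", "w-2", "employee list")
# Pressure and phone-avoidance cues typical of executive impersonation (constructed).
PRESSURE_PHRASES = ("urgent", "today", "confidential", "in a meeting",
                    "can't take calls", "reply by email", "do not discuss")

def domain_of(addr):
    return addr.rpartition("@")[2].lower()

def bec_findings(raw):
    msg = message_from_string(raw)
    display, sender = parseaddr(msg.get("From", ""))
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    text = (msg.get("Subject", "") + " " + msg.get_payload()).lower()  # single-part text assumed
    findings = []
    known = EXECUTIVES.get(display.strip().lower())
    if known and sender.lower() != known:
        findings.append(f"display name '{display}' is an executive but address is {sender}")
    if domain_of(sender) != INTERNAL_DOMAIN:
        findings.append(f"sender domain {domain_of(sender)} is external")
    if reply_to and domain_of(reply_to) != domain_of(sender):
        findings.append(f"Reply-To goes to {reply_to}, not the From address")
    req = [p for p in REQUEST_PHRASES if p in text]
    if req:
        findings.append("payment/PII request: " + ", ".join(req))
    pressure = [p for p in PRESSURE_PHRASES if p in text]
    if pressure:
        findings.append("pressure cues: " + ", ".join(pressure))
    return findings

def is_likely_bec(raw):  # a request alone is normal business; require a second signal
    f = bec_findings(raw)
    return any(x.startswith("payment/PII") for x in f) and len(f) >= 2

# Constructed sample: spoofed internal From, external Reply-To (not a real email).
SAMPLE = """\
From: "Jane Doe" <jane.doe@acme.example>
Reply-To: jane.doe.ceo@webmail.example
Subject: Urgent wire transfer

Please process a wire transfer of $48,200 to the new account details attached today.
I am in a meeting, so reply by email only and keep this confidential.
"""
```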
11. BEC phishing email examples
B. Current or High-profile Events Theme
Current events or high-profile events scams are scams where heartless scammers who lack human empathy use a tragedy affecting many people as an opportunity to steal from the bereaved and grieving masses.
For example, when a natural disaster such as a hurricane, earthquake, landslide or typhoon, or the current COVID-19 pandemic, strikes, malicious actors swing into action to cash in on the situation.
It's so sad to know that not everyone who sees these horrors feels empathy for their fellow man.
Some of the ways we've seen malicious people take advantage of disasters include:
- Phishing users with fake charity websites asking for donations via credit card or bank transfers.
- Vishing people with a realistic pretext that matches the current situation.
- Going in person from house to house, actually knocking on doors and soliciting donations, claiming it's for assistance to the victims of the disaster.
Phew! That's a lot to swallow, I believe. But it's happening, and it's working great for these heartless scammers.
Below are a few real-life examples of this kind of phishing email.
12. California Wildfire phishing email example
13. Haiti Earthquake phishing email examples
14. Coronavirus (COVID-19) phishing email examples
Exploit Based Phishing Category
Exploit based phishing scams are designed to load malware onto a victim’s computer or smartphone to gain persistent control over the device in order to get a foot in the door to launch more sinister attacks.
Here are some of the themes and real world phishing email examples in this category:
15. RSA phishing email example
I would be doing this section a huge disservice if I didn't mention the RSA phishing attack that took place in 2009. This is an epic example of a malware-based phishing attack.
16. Ransomware phishing email examples
There you have it, 50+ phishing email examples from real-world attacks. I'm sure you are shocked and short of words right now, seeing the extent to which cybercriminals will take their malicious craft, especially if you've been oblivious to cyber security matters.
The problem of phishing is a BIG one because it not only uses technological weapons, it also attacks one’s psychology and emotions too.
Well, it's not all gloom & doom, because something can actually be done about this problem of phishing. And that is to provide internet users with sufficient awareness and quality training & education, complete with "teachable moments" (like I have done here by using real-life examples to explain phishing).
Thank you for reading. Would you please share this post with your friends & colleagues? Because you’d be helping them too to get that teachable moment I talked about!