Phishing Email Examples

Phishing emails prey upon our lax attention. Here are some of the tactics used in common phishing email attacks.

Things to Verify

Verify sender address

Even though sender email addresses can be spoofed to appear from a legitimate source, you should verify that the sender’s address is what you expect.

Note
Legitimate Address

Note that the sender address in this legitimate email from Comcast/Xfinity has a comcast.net domain.
xfinity highlight sender correct
Caution
Legitimate Address; Phishing Email

Note that the sender address in this phishing email also uses a comcast.net domain. It is possible to spoof the sender’s address.

You should still verify the addresses of links before you click them. Look at the URL on the bottom of the image to verify.
xfinity highlight sender phish

Verify URL Destinations

Phishing emails use links to send you to websites where while they look legitimate, they are not legitimate.

Use your mouse to hover over links or long-press on a touch-based device to show where the link will send you before you click on it.

Attackers hide dangerous links in the following ways:

  • Using a "look-alike" domain, comcast.com.rse2d34s.attacker.url instead of comcast.com, for example

  • Using URL shortener to hide URLs.

    • Something like tinyurl.com or the like.

Note
Legitimate Email; Legitimate Link

Hover over or long-press the link or button before you press it.

This email has safe links as they point to an xfinitiy.com domain.
xfinity highlight correct

Example of a legitimate email from Google Docs

Note
Legitimate Email; Google Docs

Hover over or long-press the link or button before you press it.

This email has safe links as they point to a docs.google.com domain.
googledocs good
Caution
Phishing Email; Google Docs

Compare the above email to this one.

This email does not have safe links as they point to a badsite.url domain.
googledocs bad

Trust Your Email Provider and Email Client Warnings

Often you will get warnings either from your email provider or the email client itself.

You should trust those warnings and give any email containing said warnings a thorough vetting.

googledocs warn

Verify Attachments are Expected

Computer Viruses and malware are often included in attachments.

You should not open an attachment you are not expecting, even if it is from a contact you know and trust.

attach