Scammers love a good phishing email scheme because they’re so efficient. With the creation of one real-looking message, they can try to trick hundreds, if not thousands of people into revealing the information they’re looking for. From banking and credit card information, to usernames and passwords, they do their best to create an email lure to reel you in.

Each phishing attempt can look different from another. Some may include a link, others may have a malicious attachment, and another may simply ask you to reply. With the huge variety of methods out there, are you really sure you can spot a phish?

Test your spotting skills by looking at six different emails we’ve received over the years—which one(s) are real and which one(s) are phishing attempts?










And last but not least…



So? Did you figure it out?

Here’s the answer:
The only real email in the bunch is the Amazon Gift Card one.

If you’re surprised or guessed any wrong, read on. You’re better off learning from your mistakes here, rather than in the real world.

What makes email 1 a phishing email?

  • The sender’s email address did not match the closing in the body of the email.
  • There is a sense of urgency: a due date and a possibly time sensitive discount.

A suspicious attachment like this one:

By itself it is not suspicious; but, when combined with the other suspicious activity, it becomes suspect.  When opened, the document would ask you to Enable Macros. If you do, it will run malware on your machine.

What makes email 2 a phishing email?

  • The sender’s email address did not come from, but claims to be from ‘The Dropbox Team’.
  • The employee getting the email was not in the ‘To’ field, but was BCC’d to hide the recipients.

If the link is clicked, you will be directed to a website on a foreign domain and then prompted to enter credentials for one of many email providers.

  • Once your credentials are entered, the attackers can then use your email to send out more spam/phishing emails.

What makes email 3 a phishing email?

  • The link directs you to a foreign, non-Microsoft domain.  You can see where links send you just by hovering your mouse over the link.
  • They are using a sense of urgency since you are almost out of space​.

What makes email 4 a phishing email?

  • There are misspellings in the email.  Poor spelling or grammar can be an indicator of a malicious email from someone in another country.
  • The email claims to be from USPS, but comes from a different domain.
  • The attachment is malicious and tries to download malware when opened.

What makes email 6 a phishing email?

  • The email is too good to be true and is trying to get you to reply to get a scam conversation started.
  • They are using a sense of urgency with the SOS subject line.
  • The employee is not in the ‘To’ field since all recipients are hidden in the BCC field.

If you ever wonder if an email is for real, there’s an easy way to find out: contact the business who apparently sent the email—but don’t use any of the information provided. Look up the company’s website yourself (don’t use any provided links), and/or give them a call (you should look that info up yourself, too). If it’s for real, someone will let you know.


One Comment

  1. the scammers create a phony email account that looks almost identical to the agent’s legit email account that was hacked – perhaps an extra hyphen or dash is the only difference. With the acquired bait and the phony email account in place, the trap is set.

Leave a Comment