
Phishing Email Examples

Real-world phishing examples and the red flags that expose them. Learn to spot phishing before you click.

Last updated: January 2025 | 8 min read

The 5-Second Check

Before clicking any link in an email, ask:

  • Does the sender email actually match the company?
  • Is there urgency or a threat pushing me to act fast?
  • Does the link go where it claims? (Hover, don't click)
  • Would this company really contact me this way?

What is Phishing?

Phishing is a social engineering attack where criminals impersonate trusted entities—banks, tech companies, employers, or government agencies—to trick you into revealing sensitive information or taking harmful actions.

Despite decades of awareness efforts, phishing remains the most common initial access vector for cyberattacks. Modern phishing campaigns are sophisticated, often using AI to craft convincing messages and cloned websites that look identical to the real thing.

Common Phishing Email Types

PHISHING EXAMPLE: Password Reset Scam

From: [email protected]

Subject: Urgent: Your Microsoft account will be suspended


Dear Customer,

We detected unusual activity on your Microsoft account. Your account will be suspended within 24 hours unless you verify your identity.

Click here to verify your account now

Microsoft Security Team

Red Flags:

  • Fake domain: "microsoft-account-verify.com" is not Microsoft's domain
  • Urgency: "24 hours" deadline creates panic
  • Generic greeting: "Dear Customer" instead of your name
  • Vague threat: "unusual activity" without specifics

PHISHING EXAMPLE: Fake Invoice Attack

From: [email protected]

Subject: Invoice #INV-2025-0847 requires immediate payment


Please find attached invoice for services rendered. Payment is overdue.

📎 Invoice_January_2025.pdf.exe

Process payment immediately to avoid service interruption.

Red Flags:

  • Fake domain: "docusign-invoices.net" is not DocuSign
  • Double extension: ".pdf.exe" is malware disguised as a PDF
  • No context: Doesn't mention what service or company
  • Pressure: "immediately" to prevent thinking

PHISHING EXAMPLE: CEO/BEC Fraud

From: [email protected]

Subject: Urgent - Need your help


Hi,

I'm in meetings all day but need you to handle something urgent. Can you process a wire transfer for a vendor payment? I'll explain later.

Please don't mention this to anyone yet - it's confidential.

Thanks,
John Smith, CEO

Red Flags:

  • Lookalike domain: "company-corp.co" instead of official domain
  • Secrecy request: "don't mention this to anyone"
  • Bypasses process: Real executives don't request wire transfers this way
  • Unavailable for verification: "in meetings all day"

PHISHING EXAMPLE: Delivery Scam

From: [email protected]

Subject: Your package could not be delivered


We attempted delivery of your package but were unable to complete it.

Tracking #: 7829461058234

To reschedule delivery, please confirm your address and pay the $2.99 redelivery fee:

Update Delivery Preferences

Red Flags:

  • Fake domain: FedEx uses fedex.com, not "fedex-tracking-update.com"
  • Small fee: $2.99 seems harmless but captures your credit card
  • Generic: No specific package details you'd recognize
  • You didn't order anything: Random delivery emails are almost always scams

How to Spot Phishing Emails

✉️

Check the Sender's Email Address

Hover over the sender name to see the actual email address. Legitimate companies use their official domain (e.g., @microsoft.com, @chase.com), not lookalikes.

🔗

Hover Over Links Before Clicking

The displayed text and actual URL are often different. Hover to see where a link really goes. If it doesn't match the claimed company, it's phishing.

⚠️

Beware of Urgency and Threats

"Act now or lose access" is a manipulation tactic. Legitimate organizations don't threaten to suspend your account via email with a 24-hour deadline.

📞

Verify Through Official Channels

If an email seems legitimate but feels off, contact the company directly using contact info from their official website—not from the email.

📎

Don't Open Unexpected Attachments

Attachments are a primary malware delivery method. Be especially wary of .exe, .zip, .js files or documents with macros.
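
The sender, link and attachment checks above, written as a small mail-triage function. This is an added example, not code from the original guide; the brand-to-domain table, the decoy-extension list, and the sample message's local part and URL path are constructed assumptions.

```python
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from pathlib import PurePosixPath
from urllib.parse import urlsplit

# Assumption: brand keyword -> official domain (both domains are named in the guide).
OFFICIAL = {"microsoft": "microsoft.com", "fedex": "fedex.com"}
RISKY_EXT, DOC_EXT = {".exe", ".zip", ".js"}, {".pdf", ".doc", ".docx"}  # DOC_EXT assumed

class Hrefs(HTMLParser):  # collects the real target of every <a> (what hovering shows)
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.append(dict(attrs).get("href") or "")

def in_domain(host, official):  # True only for the official domain or its subdomains
    host = (host or "").lower().rstrip(".")
    return host == official or host.endswith("." + official)

def red_flags(msg):
    flags = []
    name, addr = parseaddr(msg["From"])
    official = next((d for b, d in OFFICIAL.items() if b in name.lower()), None)
    if official:  # the display name claims a brand: sender and links must match it
        sender_host = addr.rpartition("@")[2]
        if not in_domain(sender_host, official):
            flags.append(f"sender domain {sender_host} is not {official}")
        body, parser = msg.get_body(preferencelist=("html",)), Hrefs()
        parser.feed(body.get_content() if body else "")
        for url in map(urlsplit, parser.hrefs):
            if url.scheme in ("http", "https") and not in_domain(url.hostname, official):
                flags.append(f"link goes to {url.hostname}, not {official}")
    for part in msg.walk():  # attachments: decoy document extension plus a risky one
        ext = PurePosixPath((part.get_filename() or "").lower()).suffixes
        if len(ext) >= 2 and ext[-1] in RISKY_EXT and ext[-2] in DOC_EXT:
            flags.append(f"double extension {ext[-2]}{ext[-1]}")
    return flags

def sample():
    """Constructed message: sender/link from the first example, attachment from the second."""
    m = EmailMessage()
    m["From"] = "Microsoft Security Team <security@microsoft-account-verify.com>"
    m.set_content('<a href="https://microsoft-account-verify.com/verify">'
                  "Click here to verify your account now</a>", subtype="html")
    m.add_attachment(b"placeholder", maintype="application",
                     subtype="octet-stream", filename="Invoice_January_2025.pdf.exe")
    return m
```

`red_flags(sample())` returns one finding per check. The suffix match in `in_domain` is what rejects hosts such as `microsoft.com.example.net` that merely contain the brand's domain.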

What to Do If You Clicked a Phishing Link

  1. Don't enter any information—close the page immediately
  2. Disconnect from the internet if you downloaded anything
  3. Run an antivirus scan on your device
  4. Change passwords for any accounts you may have exposed
  5. Enable MFA on all important accounts
  6. Report the phishing email to your IT department or email provider
  7. Monitor your accounts for suspicious activity

How to Report Phishing

  • Gmail: Click the three dots → "Report phishing"
  • Outlook: Select message → "Report message" → "Phishing"
  • Apple Mail: Forward to Loading...
  • US Government: Forward to Loading...
  • Anti-Phishing Working Group: Loading...

FAQ

Can phishing emails contain viruses?

Yes. Attachments can contain malware, and some phishing links lead to pages that attempt drive-by downloads. See our What is Malware? guide.

Why do I get phishing emails to my work email?

Work emails are often leaked in data breaches or harvested from LinkedIn and company websites. Attackers specifically target business emails for higher-value fraud.

Can phishing happen via text message?

Yes, this is called "smishing" (SMS phishing). Fake delivery notifications and bank alerts via text are extremely common.
