Email Phishing

Email phishing is a common cyber attack designed to trick individuals into disclosing personal information or transferring money to the perpetrator. Cybercriminals use social engineering to camouflage the spam email as legit. These social engineering techniques to generate panic, fear, and prompt the user to take action.


Types of email phishing:
  1. Traditional Phishing—A general phishing technique not targeted at a specific individual or organization
  2. Spear Phishing—Phishing directed at specific individuals, positions, or organizations
  3. Whaling—A  specific kind of spear phishing that targets high-profile subjects, such as executives, government officials, etc.
  4. CEO Fraud—A cybercriminal will act as a CEO or authority figure of a business to gather confidential information or payments from employees
  5. Pharming—Uses domain naming system (DNS) to modify or tamper with a host’s website URL to redirect individuals to a fake site
  6. Content-Injection Phishing—Malicious code is inserted into a website that guides users to enter confidential information, which is then received by the perpetrator
  7. Man-in-the-Middle-Phishing—Phishing that involves cybercriminals extracting information as it is entered into a website



How to Spot a Phishing Email:



To create a link within an email, the sender has to create a link. It is possible to link any group of words to a website. Cybercriminals use this tactic to send individuals to links that appear legitimate but are actually different than the text of the link.

Things to look for:

  • Shortened, unfamiliar, or odd URLs
  • URLs containing a slightly changed domain name
    • Example: vs. (notice the “L” in place of the “I”)
  • Double check to make sure a link leads to the appearing destination
    • Before clicking on a link or image in an email, hover over the URL with your cursor to see if the actual URL matches up with the showing URL
    • To check for link destination, you can also copy the link and paste it somewhere else to see if it matches the appearing link.



Spelling & Grammar

If an email has blatant spelling or grammatical errors, it could be a phishing email. Professional companies and organizations have writing and editing staff that prevent mass emails from being sent out with clear mistakes.

Things to look for:

  • The email doesn’t make complete sense
  • Capitalization errors
  • Misspelled words
  • Bad grammar




If an email is from a reputable company, the email will more than likely contain graphics, a logo, a personal greeting, a digital signature, and in an easy-to-read format. Cybercriminals often imitate popular companies to gain user’s trust.

Things to look for: 

  • Off or incorrect logos
  • Fuzzy pictures or graphics
  • A generic or informal greeting
  • Lack of a digital signature and/or contact information



Sender Information

One quick way to recognize a phishing mail is by evaluating the sender name and email.

Things to look for:

  • An unrecognized sender name
  • An unofficial or unrecognized email address
  • The sender email address doesn’t match up with the company → reputable companies do not use Gmail, AOL, Yahoo, etc. An email from a legitimate company will have an email address containing the company name:


Threats or Urgent Messages

Cybercriminals use social engineering techniques like threats and urgent messages to initiate a quick response from individuals. One thing to note is that legitimate companies and organizations will never ask for confidential information over an email.

Things to look for:

  • Threats that security has been compromised  
  • Requests to “click here”
    • To verify information
    • For a password update or check
    • To enter personal information
    • To claim a prize
  • Urgent actions required
    • “Or your account will be closed”
    • “If you fail to respond…”
  • Security alerts
  • Urgent messages to claim prizes
    • “You have won!”
    • “Congratulations!”



Cybercriminals will try to entice users to click on attachments in order to download malware. One type of malware that can be downloaded through attachments is ransomware, which you can read more about here.

Things to look for:

  • Unfamiliar or unlabeled attachments
  • A prompt to enable macros In order to view the attached document


Requests for Personal Information

Legitimate organizations will never ask for personal information over an email. Be wary of emails that request confidential information such as:

  • Mother’s maiden name
  • Credit card numbers
  • Bank account information
  • Date of birth
  • Social security number
  • Login Credentials




Phishing email examples from UC Berkeley:




If you would like more information, or you have questions or concerns about how you can protect yourself and/or your organization, contact us!