Common Phishing Emails

Phishing is the attempt by hackers to obtain sensitive information such as passwords or credit card details from a victim by pretending to be a reputable organization via electronic communication channels. Most hackers launch their campaigns over email. Email accounts are free and easy to set up, and hackers can send to a vast number of people with ease.

These emails can take many different forms, but all have the same common goal; defrauding an individual for the personal gain of the scammer. Although many hackers design campaigns for their own use, some formats are widely copied used across the Internet. Despite the notoriety of these formats, a significant amount of Internet users still fall for them each year.

Here, we detail some of the most common forms of phishing emails that have surfaced over the years and are still used to trick people today.

The “mugged on vacation” scam:

Although widespread, this scam is technologically crafty; the phisher plants software on one of your contact’s computers and uses it to send you an email telling you that your friend was  mugged while on holiday and “urgently” needs your help getting back home. The hacker, purporting to be your friend, asks you to send money to your account to help pay hotel bills or for an early flight back home.

This scam is particularly successful as it makes an emotional request to the user to assist a friend in their time of need. However, with some sensible precautions, falling for this scam can be avoided. By simply calling the person who has allegedly sent you the email, you can check the legitimacy of the claim. Alternatively, send an email back to them, asking them very specific questions about your relationship with the individual that the phisher can’t guess. You’ll find out pretty quickly if your friend is in danger or not.

The Nigerian email scam:

The Nigerian email scam is one of the most famous scams in from the early days of the Internet, and yet despite its notoriety, people still fall for it. According to the FTC, nearly 350,000 cases of this scam were reported in 2017.

This format involves someone who has mysteriously obtained millions of dollars and needs a way to get it out of the country. Despite having all of this money, they require you to send them money to pay legal fees and for plane tickets, and if you do, they’ll share their fortune with you. The  emails are often poorly written, and start along the lines of “I know this message will come to you as a surprise but permit me of my desire to go into a business relationship with you” or something equally bizarre and overly-formal.

Don’t respond to these emails, or any variant of them, if they appear in your inbox. Simply deleting the emails is enough to protect yourself against the attacks.

The fake check scam:

Phishers use these attacks against individuals who list things for sale online, such as on Craigslist of ebay. The phisher will contact you via email, telling you they want to buy the item for much higher than the asking price. They offer to send you a check immediately, covering the costs. However, they require you to send money in return, claiming it is for shipping or another dubious reason. Unsurprisingly, the check they send you is fake, but your money transfer is real. The easiest way to tell that this is happening is the initial offer of more than the asking price. They will often ask you to send the wire transfer, and the item, to another county. According to, this type of merchandise/fake check scam is nearly a third of the reports itreceives.

There are many more variations on this theme; fake charity emails, the “soulmate scam”, and dozens more. Although these are easy to spot for savvy internet users, thousands of people still fall for them every year, so a little caution goes a long way.