Examples of Phishing Emails

Here are some examples of actual phishing emails. We have indicated the suspicious features of each email. For a full list of things to watch out for, read the article “Detecting Phishing Emails”.

Slide 1: “Internet Banking Security Reminder!.”

This phishing email targets Kiwibank customers. The subject line has the prefix “[PMX…]”, which was added by PureMessage, the anti-spam system used at the University of Otago. Some other antivirus programs have a similar feature.

The most obvious indications that this email is fake are:

  • The link does not go to Kiwibank.
  • The sender is simply specified as “Kiwibank Limited”; there is no individual or department named.

 

Slide 2: “Facebook Technical Support sent you a notification”

This phishing email targets Facebook users. This is a screenshot from Gmail, which looks different from email software such as Outlook and Thunderbird. The link preview text is in the lower left corner, instead of appearing as a popup.

The most obvious indications that this email is fake are:

  • The sender has an email address ending in “…onlinehome-server…”.
  • There is no indication that the sender even knows the name of the recipient.
  • The “Go To Facebook” link actually goes to a website that isn’t Facebook.

 

Slide 3: “You Have One Important Security Message”

University of Otago staff were specifically targeted in this phishing email. However, the general style of the email is easily modified to suit any target – the attacker just needs to change the “From” address, and the last line of text in the email.

The most obvious indications that this email is fake are:

  • The “Click here to View Message” link goes to a non-Otago website.
  • The format of the notification is unusual.
  • The sender is simply specified as the “…Webmail Service”; there is no individual or department named.

 

Slide 4: “Warning Alert!”

This phishing email was also targeted at the “Unoversity” of Otago.

The most obvious indications that this email is fake are:

  • The “From” address is inconsistent with itself. The first part reads “helpdesk@otago.ac.nz”, and the second part ends with the name of a different organization.
  • The link given is obviously not to an Otago website.
  • The sender is simply specified as the “Unoversity of Otago” [sic]; there is no individual or department named.
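
Two of the indicators that recur across these slides, a “From” line whose two parts disagree and a link whose real destination is outside the organisation, can be checked mechanically. The following Python is an added example, not part of the original article; the sample message, the example.* domains and the function names are constructed for illustration, and it assumes a single-part HTML message.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample, not one of the emails shown on this page.
# example.edu stands in for the recipient's own organisation.
SAMPLE = '''From: "helpdesk@example.edu" <notice@mailer.example.net>
Subject: Warning Alert!
Content-Type: text/html; charset="utf-8"

<p>Your mailbox is almost full.</p>
<p><a href="http://webmail.example.org/login">Click here to View Message</a></p>
<p><a href="https://www.example.edu/its">IT help pages</a></p>
'''

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hrefs = []  # real destinations, not the visible link text
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def in_domain(host, domain):
    """True only for the domain itself or a genuine subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def phishing_indicators(raw, org_domain):
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2].lower()
    findings = []
    # "From" inconsistent with itself: the display name shows one address,
    # while the real sender address belongs to a different domain.
    for shown in re.findall(r"[\w.+-]+@([\w.-]+)", display):
        if shown.lower() != sender_domain:
            findings.append(("from-mismatch", f"{shown.lower()} vs {sender_domain}"))
    # Links whose real destination is outside the organisation.
    charset = msg.get_content_charset() or "utf-8"
    collector = LinkCollector()
    collector.feed(msg.get_payload(decode=True).decode(charset, "replace"))
    for href in collector.hrefs:
        url = urlsplit(href)
        if url.scheme in ("http", "https") and not in_domain(url.hostname, org_domain):
            findings.append(("external-link", url.hostname))
    return findings
```

The suffix check in `in_domain` compares against `"." + domain`, so a lookalike host that merely contains or starts with the organisation's name is still reported as external.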

 

Almost all phishing emails can be easily detected – it just takes a bit of critical thinking. Read our other article, “Detecting Phishing Emails”, for more information.
