Santa Clara University

Information Security Office

Phishing Examples

RSS Subscribe to Phishing Examples
 
 
RSS

A Phishing Guide: Don't Get Fooled by Emails

Don't know what phishing emails looks like? Well, you've come to the right place! Here, you will find examples of phishing emails and how to spot them.

  •  University Phishing Email Example

    Thursday, Apr. 24, 2014

    "Update your account."

    "Confirm your identity."

    "Failure to do so will cause your account to be immediately deactivated."

    Do these statements seem familiar? If so, you might have come across another type of phishing email. These types of emails create a sense of urgency by saying that the account will be deleted immediately. This might cause some people to panic and not pay attention to what they are clicking or replying to. Always take precautions when you see the key words: failure, immediately, and deactivated in one sentence.

    Click on the thumbnail to view the example. This particular example is a University Webmail message that asks the users to comfirm their identity by providing the email address, username, and password. We have underlined and boxed the things you should watch out for. 

    Tip: You can always check the email address that is sending you the message. If the domain seems unfamiliar, wrong, or unexpected, it might be a phish email. For example, if you receive an email from the SCU ISO website, then the domain should be @scu.edu and not @outlook.com. Make it a habit of checking the small details when an email looks suspicious. Phishing emails often look legitimate until you look closer. 

  •  Bank Phishing Email Examples

    Thursday, Apr. 10, 2014

    Some of the most common phishing emails that people receive are emails from banks informing their customers that their accounts needs to be updated or verifed or that a credit card has been approved. Often times, these emails use legitatimate looking logos, but do not be FOOLED. Banks will never ask you for personal information regarding your password or PIN. Please be wary of emails that asks you for these things. Most likely, it is a phishing email. 

    NEVER CLICK ON A LINK if the email seems to be suspicious. Usually, the link will take you a bogus website designed to look like the actual bank website. You can always roll over the link to see where it will take you (check the bottom of your browser). If you are still in doubt, call your bank.

    In this post, there are three examples of bank phishing emails (go to this blog post and click thumbnails to expand images):

    • Nigeria Republic Branch: This email is suspicious because an ATM card was approved even though you didn't apply for one. Also, pay attention to the name of the bank. 
    • NetBank: Be wary of links. Again, NEVER CLICK ON LINKS. Go to the actual website if you need to sign in. 
    • Wellsfargo: The logo makes it seem like it's the actual bank emailing you. But it's not. Similar looking emails will have some sort of link for you to click on to verify your account. DO NOT CLICK IT. If you must sign in, open a new tab and go to the bank's official webpage first.  

    For your convenience, we have boxed or underlined the parts of these phishing examples that you should always look out for.

     

     

Information Security Office, 1-408-554-5554, iso@scu.edu