How to protect yourself from email phishing

What is a phishing email?

Phishing emails use URL phishing techniques to deceive you into clicking on malicious links. Scammers might lure you in with an exciting deal, scare you with a fake threat, or pretend to be someone you trust, like a family member or a familiar service. Their goal is to trick you into clicking a link that appears safe but leads to a malicious website.

The term “phishing” comes from “fishing” because criminals cast out fake “bait” — legitimate-looking emails — hoping you’ll “bite” by clicking on malicious links and providing sensitive information such as your credit card details, passwords, or account numbers.

How do phishing emails work?

Phishing emails work by pretending to be from a legitimate source, such as your bank, employer, social media page, or even a friend or family member. These emails often include a message designed to grab your attention — like a fake warning that your account has been compromised, an offer too good to pass up, or a request for urgent help.

You’ll usually find a link within the email that leads to a fake website. On that site, you might be tricked into entering sensitive data, like your password, credit card number, or other personal details, which the scammers can then steal and use for their gain.

For example, imagine you receive an email warning that appears to be from your bank, urging you to click a link to verify your identity. Worried about your money, you click the link, which takes you to what looks like your bank’s website. Without thinking twice, you enter your login details. But instead of securing your account, you’ve clicked on a phishing link and handed your information to scammers, who can now access your real bank account.

Phishing email examples

Phishing email scams can appear in your inbox disguised as messages from trusted sources. Knowing what these emails look like can help you avoid falling victim to them.

Cryptocurrency scams

A crypto deposit phishing email will try to fool you into thinking a large amount of cryptocurrency has been added to your account. These emails usually include details like the amount deposited, a customer ID, and a password to make the message more convincing.

The email in the screenshot is a classic example of this scam. It claims that 39 Bitcoins have been deposited into your account and includes a link to a fake website. This phishing email aims to create excitement, tricking you into clicking the link.

Banking scams

You might receive an email claiming you’ve set up a new payee or warning you about suspicious activity with your bank account. These emails are often part of banking scams and will urge you to click a link to confirm or verify details. Be cautious, as these links typically lead to fraudulent websites designed to steal your information. Curiosity might tempt you to click the link, but if you don’t have an account with that bank — don’t click any links.

Social media phishing email

A social media phishing email might look like a security alert from Facebook, Twitter, or Instagram. To make you panic, it warns that your account could be compromised if you don’t take immediate action. It then urges you to click a link to change your password. If you enter your password, scammers can steal your credentials and take control of your account.

The CEO phishing email

A cybercriminal opens LinkedIn and notices that the CEO of a company is abroad. They then send a phishing email to an employee, posing as the CEO or an executive, asking them to transfer funds to a foreign partner to help the CEO. The employee, trusting the request, quickly transfers the money — directly into the hacker’s account.

This scenario is a classic confidence trick, where the scammer exploits the victim’s trust to commit fraud. It’s also known as a business email compromise.

Package delivery failed

A “package delivery failed” phishing email is designed to trick you into clicking on malicious links or giving away personal information. These emails often claim to be from UPS or other popular courier services like FedEx or DHL. They urge you to click a link to reschedule the delivery or view the details. These emails are often examples of clone phishing, where attackers copy a legitimate email and replace the links with malicious ones.

The link typically leads to a fake delivery service website that looks almost identical to the real one. Once there, you might be asked to enter personal information, like your address, phone number, or even payment details. Simply clicking the link can sometimes install malware on your device — an attack known as a drive-by download.

Fake Google Docs login

In a Google Docs phishing scam, a cybercriminal creates a fake Google Docs login page and sends a phishing email to trick you into logging in. The email might look like it’s from someone you know, with a subject line that says, “[Your Friend] has shared a document on Google Docs with you.” Once you enter your information on the fake login page, the cybercriminal can gain access to your Google account.

Congratulations! You have won…

These and similar “Congratulations, you’re today’s lucky visitor” emails are all phishing attempts. Although they’re well-recognized, scammers still send these phishing emails, hoping that excitement will override your judgment about the email’s legitimacy.

You have received a payment of…

A phishing email claiming that you have received a payment (when you didn’t expect one) is designed to trick you into clicking on malicious links or giving away personal information. These emails usually include details like the amount and sender’s name to make the payment seem real.

The link in the email typically takes you to a fake, well-known payment platform like PayPal that looks just like the real one. Once there, you might be asked to log in or confirm your account details. If you do, scammers can steal your credentials and access your account.

How to spot a phishing email

You can identify phishing emails by analyzing their contents. Pay attention to these warning signs:

1. Check the sender’s email address. Scammers often use email spoofing to make the sender’s address look legitimate, but a closer look can reveal something is off. The email might mimic a trusted company’s address with slight variations, like a misspelled domain (“paypall.com” instead of “paypal.com”).
2. Be wary of generic greetings. Scammers often use generic greetings in phishing emails to reach large groups quickly. Instead of personalizing the email with your name, they may use a generic greeting like “Dear customer” to save time and widen their target audience.
3. Beware of urgent messages. No legitimate business will ever rush you into making quick decisions by threatening to cancel your orders or suspend your account. Phishing emails often create a sense of urgency and provoke panic, urging you to act swiftly and make rash decisions.
4. Look for spelling and grammatical errors. Scammers don’t typically take the time to check that their English is correct.
5. Look for suspicious attachments. It’s not just suspicious file types like .zip, .exe, or .scr that should raise a red flag — even trusted formats like PDFs and Word files can be risky. So take a moment to think twice before you click on any attachment.
6. Beware of emails that offer you gifts or money. Too-good-to-be-true emails often lure you in with promises of gifts or money if you click a link or open an attachment. If the sender is unfamiliar or you weren’t expecting the message, it’s most likely a trap.

You can also take a look at our guide to learn more about how to spot a phishing email.

What should you do if you receive a phishing email?

Getting a phishing email can be unsettling, especially if you’re unsure how to handle it. But don’t worry. If one lands in your inbox, just remember to:

• Avoid clicking any links or opening attachments. They could be harmful.
• Don’t reply or engage with the sender. It’s best to ignore them.
• Report the email, then delete it to avoid accidentally engaging with it.

How to report a phishing email

Every report counts. By sharing your experience, you help authorities track down scammers and prevent them from targeting more people. You can report phishing emails from unknown senders in several ways.

• Internationally: Forward phishing emails to the Anti-Phishing Working Group (APWG) at reportphishing@apwg.org.
• In the US: Report phishing attacks to the Federal Trade Commission (FTC) via their website.
• In the UK: Report phishing attacks to the National Cyber Security Centre (NCSC) by forwarding the email to report@phishing.gov.uk.
• In Australia: The Australian Competition and Consumer Commission (ACCC) handles these reports.
• In Europe: Refer to EUROPOL to find the reporting website for your country.

You can also report phishing emails directly to your email provider. Most email services offer a “Report phishing” option.

How to avoid falling victim to phishing email scams

Most phishing attempts aren’t very sophisticated, and you can often spot them with common sense and the SLAM method. However, as phishing emails evolve and become more challenging to recognize, a few extra tips on avoiding them can go a long way.

Don’t rely on spam filters alone

Most email providers punish users who send phishing emails by directing their messages straight to the spam folder. However, crafty criminals often find new ways to bypass these filters. Consider using anti-phishing software to scan incoming emails and detect phishing attempts.

Double-check the product advertised

If you receive an email offering ticket giveaways for an expensive trip, double-check if the offer is valid before clicking any links. Curiosity is natural, but before you share any sensitive information, search for the offer on Google first. And remember — if it sounds too good to be true, it’s probably a scam.

Use a low-limit credit card

Consider using a separate credit card for online purchases to prevent a hacker from draining your bank account. You can also use a virtual credit card for single or recurring payments to protect your main account.

Use firewalls

A firewall acts as a buffer between your computer and online threats, helping to reduce the chances of phishing attacks reaching your device. By blocking suspicious traffic and preventing access to risky sites, firewalls are a useful tool for phishing detection.

Avoid pop-ups

Pop-up windows often look like legitimate parts of a website, but most are phishing attempts. Consider using NordVPN’s Threat Protection Pro™ feature, which blocks pop-ups, banner ads, and video ads.

Use multi-factor authentication (MFA)

MFA adds an extra layer of protection to your accounts. Even if a phishing email tricks you into giving away your password, the attacker still needs a second verification step — like a code sent to your phone or generated by an app — to access your account.

Avoid sharing personal information

The less personal information you share, the fewer details attackers can steal and use against you. Reducing the amount of shared information helps protect you from data theft. It also makes phishing emails that lack personal details easier to spot as fakes, making you less likely to fall for them.

Regularly update your software

Software updates fix security flaws that hackers could use in phishing attacks or data breaches. Keeping your software up to date reduces the risk of these vulnerabilities being exploited against you.