Phishing Email Templates

CanIPhish maintains an ever-evolving library of free phishing email templates that update with the latest trends. Take a look at our library and see the emails for yourself!

Gray dot header

How phishing emails trick victims

Phishing emails typically have a common set of goals that can be used to identify what type of attack is taking place. These goals usually involve credential harvesting, endpoint compromise, or business email compromise (i.e., reply-to attacks). Armed with an understanding of what an attacker's goal is, you can identify the techniques an attacker will likely use to trick its victim into interacting with the phish.

For credential harvesting, an attacker will craft a phishing email that contains links or buttons that lead to a malicious website. For endpoint compromise, an attacker will craft a phishing email that contains a malicious attachment, enticing the victim into downloading and opening it. For business email compromise or reply-to attacks, an attacker will craft a phishing email that attempts to have the victim respond to them. Ultimately, all phishing emails have a malicious goal and intention behind them.

Equipped with this information, take a look at our fake email templates and see if you can spot the goals behind them! Looking for a phishing email generator? Create a free account or try our email inbox simulator to see the unique ways we create phishing emails.

QR Code Enter to Win Email
Email asking employees to review a policy using a QR code as the method of interaction.
QR Code Office 365 Email
Office 365 themed email utilizing a QR code attack.
QR Code Google Workspace Email
Email prompting an employee to use a QR code to verify themselves.
HR Device Violation Email
Email from HR advising the employee has breached the device policy
Pento Password Expiry Email
Password expiry email leading to Pento login phishing site
Jenkins Unauthorized Access Attempt Email
Jenkins Security Breach Detected
Udemy Credits Email
Udemy email sending users free credits
Bank of America Suspicious Activity Email
Bank of America advising unusual activity with a link to login
Adobe Security Details Changed Email
Adobe email alerting user security details have changed
Tik Tok New Device Email
New Device Login Attempt
Teams Message Email
Missed Teams message that leads to credential harvesting
Sharepoint Access Request Email
Credential harvest attack using SharePoint request access function
Google Drive Shared File Email
Zendesk Offline Chat Email
Zendesk offline chat message
Zendesk Password Reset Email
Zendesk Password Reset Request
Trello Workspace Invitation Email
Trello workspace invitation.
Stripe Password Update Email
Stripe password updated.
Prezzee Gift Card Email
Prezzee gift card sent from company.
Dashlane New Device Email
Dashlane new device authentication code.
Bitwarden New Device Email
Bitwarden new device login notification.
1Password Password Change Email
Password change request for 1Password.
Conference Attendance Reply To Email
Using a fake email chain to trick employees.
Business Opportunity Reply To Email
Promises a lucrative business opportunity.
Lyft Company Rides Email
Free company rides.
Xero Password Expiry Email
Xero password is expiring soon.
Xero Profit Loss Statement Email
Quarterly company profit and loss statement
CRA Payment Form Email
Download your CRA payment form
Google Meeting Invite Email
Google Meeting Invitation
ADCB Unread Message Email
ADCB Unread Message Notification.
STC Service Suspended Email
STC Account Suspension Notification
AMEX Card Confirmation Email
American Express new card request
Slack Password Reset Email
Slack password reset request
Office365 Password Reset Email
Password reset code for an Office365 account.
African Bank Unread Message Email
African Bank Unread Message Notification.
GitHub OAuth App Email
An OAuth App has been added to your account
Spam Filter Quarantine Email
Emails quarantined pending release
Deliveroo New Address Email
New address registered on Deliveroo account
Uber New Device Email
New device sign-in for Uber account
Zoom Invite Email
Zoom group invitation
Starbucks App Email
Starbucks app notification
Salesforce Reset Password Email
Salesforce password expiration notification
Netflix Reset Password Email
Netflix password expiration notification
DocuSign Sign Document Email
DocuSign expense declaration signature
Canada Post Parcel Email
Canada Post delivery failure
Amazon Black Friday Email
Amazon Black Friday Promotion Notification
Verizon Service Suspended Email
Verizon Account Suspension Notification
FedEx Shipment Tracking Email
FedEx Shipment Tracking Notification
CapitalOne Card Confirmation Email
CapitalOne Card Request Confirmation
AusPost Shipping Confirmation Email
AusPost delivery failed
Concur Expense Report Email
Expense report approved
Ebay Item Purchase Email
Ebay item purchase via Paypal
COVID19 Work Survey Email
COVID19 return to work survey attachment
Job Opportunity Email
Sales job opportunity attachment
AFP Subpoena Email
AFP Subpoena with attachment notification
Office Holiday Party Email
Google Drive file share for office party
Women Equality Day Email
Google is celebrating Women's Equality Day
Update Your Badge Email
Health employees need an updated ID badge
Booking Vacation Agreement Email
HR sponsored vacation booking
Concur WFH Payment Email
Concur payment for WFH setup
JIRA Notification Email
Jira new task notification.
Groupon Deals Email
Groupon Deals Notification.
Govia Tax Invoice Email
Go via Tax Invoice Download.
CommBank Unread Message Email
CommBank Unread Message Notification.
Linkedin Password Reset Email
LinkedIn Password Reset Request.
OneDrive Word Share Email
OneDrive Word File Share.
Curious about what you can do with our simulated phishing emails?

Phishing Email Features & Capabilities

Our simulated phishing platform is highly configurable, and using our HTML email editor, you can create, generate, duplicate, or modify existing phishing emails based on organizational requirements. In addition, the HTML editor gives you complete control over email content and design.

A common use case is that your organization may use bespoke software, interact with niche vendors, or have strict compliance requirements where you need to simulate specific content.

The CanIPhish team has invested significant resources in ensuring each phishing email in our library is multi-lingual in 74 different languages. This multi-lingual capability is coupled with our phishing websites and training modules, which are also available in 74 languages.

Multi-lingual phishing is particularly important for organizations with non-English speakers or a global employee base.

Inserting content at the time of email delivery is absolutely crucial to ensuring phishing emails are as realistic as possible. In support of this, the CanIPhish Cloud Platform allows for the dynamic insertion of content such as employee first names, last names, job titles, company names, and more.

Delivering a phishing email is the first phase of running a successful phishing simulation exercise. The next phase is ensuring interactions are properly tracked and reported. This can include tracking who clicked on phishing links, who opened attachments, and who responded to phishing emails.

The CanIPhish Cloud Platform supports tracking and reporting against all three types of phishing interactions.

CanIPhish supports a variety of organizations across the globe, and while many organizations utilize global services, many also utilize localized services. These services include local banks, service providers, utility companies, etc. To ensure CanIPhish offers a diverse range of phishing templates, we selectively onboard and simulate these services at customer request.