The 25 Most Dangerous Phishing Email Examples In 2024 (How And Why)

Sebastian Salla Published: January 12, 2023 (Updated: January 17, 2024)

What Makes A Phishing Email Dangerous?

Think of phishing emails like you would a spy who is trying to entice information out of a government official.

The spy must be subtle and maintain a low profile while having a good cover story and reason for interacting with the official. This cover story needs to provide the official with enough evidence that the spy is a legitimate individual, but not out-of-ordinary enough that it makes them suspicious.

Like the spy, a phishing email must appear to come from a legitimate service or individual, have a strong call-to-action, and not seem out of place from the victim's perspective.

With this in mind, let's delve into the most dangerous simulated phishing emails seen across the CanIPhish customer base!

What You'll Learn In This Article.

  • The phishing techniques that cyber criminals use to socially engineer victims.
  • How cyber criminals learn to think like their victims.
  • How to send simulated phishing emails to employees.
  • Why you should use dangerous phishing emails when sending phishing simulations.

The Most Dangerous Phishing Email Examples

The following 25 phishing emails compromise between 30% and 54% of employees, with the ability to trick even the most trained IT and cyber security professionals. Let's start from the top!

#25 Zoom Invite Scam

Compromise Rate: 27% | Personalization: None | Attack Type: Credential Compromise (Link)

When the pandemic enveloped the globe, transforming home spaces into offices, Zoom rapidly evolved into a household name, becoming synonymous with the work-from-home culture.

Given its widespread use, particularly among remote workers, Zoom has become a prime target for scammers, who exploit its popularity to phish unwary employees.

Zoom Invite Email

  • What is this email? Adopting Zoom's familiar branding, this email announces a "Quarterly All Hands" meeting, urging users to confirm their account. It directs them to a button, which leads to a fraudulent Zoom login page.
  • Why is this email difficult to spot? Zoom's widespread use across various organizations makes this email seem routine, even for employees whose companies don't primarily use Zoom. Paired with a phony Zoom login page and a subtly disguised sender profile, spotting the deception is challenging.
  • Who is prone to falling for this phish? Employees accustomed to Zoom meetings, both within and outside their organization, are prime targets.
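The two tells in this entry, a disguised sender profile and a button that leads to a non-Zoom login page, can be checked mechanically on the receiving side. The Python below is an added example, not CanIPhish code: the brand-to-domain table, the function names and both sample messages are assumptions constructed for illustration.

```python
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: brands mapped to domains they legitimately send from and link to.
# Illustrative and incomplete; build the real table from mail you have verified.
BRAND_DOMAINS = {
    "zoom": {"zoom.us", "zoom.com"},
    "docusign": {"docusign.com", "docusign.net"},
    "slack": {"slack.com"},
}

def belongs(host, domains):
    """True if host is one of the domains or a subdomain of one.
    Matching on the right-hand side with a leading dot rejects
    lookalikes such as zoom.us.login.example."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

class LinkCollector(HTMLParser):
    """Collects the hostname of every <a href> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hosts = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            host = urlsplit(dict(attrs).get("href") or "").hostname
            if host:
                self.hosts.append(host)

def analyze(raw):
    """Return (finding, brand, host) tuples for a raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    display, addr = parseaddr(str(msg.get("From", "")))
    sender_host = addr.rpartition("@")[2]
    # Heuristic: a brand is "claimed" if its name appears in the
    # display name or the subject line.
    banner = (display + " " + str(msg.get("Subject", ""))).lower()
    claimed = [b for b in BRAND_DOMAINS if b in banner]

    links = LinkCollector()
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        links.feed(body.get_content())

    findings = []
    for brand in claimed:
        allowed = BRAND_DOMAINS[brand]
        if not belongs(sender_host, allowed):
            findings.append(("sender_brand_mismatch", brand, sender_host))
        for host in links.hosts:
            if not belongs(host, allowed):
                findings.append(("link_brand_mismatch", brand, host))
    return findings

# Constructed sample: Zoom branding, non-Zoom sender and button target.
SAMPLE_PHISH = """\
From: "Zoom" <no-reply@zoom-invites.example>
To: employee@corp.example
Subject: Quarterly All Hands - confirm your account
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>Quarterly All Hands</p>
<a href="https://zoom-login.example/signin">Confirm account</a></body></html>
"""

# Constructed sample: same branding, sender and link on a listed Zoom domain.
SAMPLE_LEGIT = """\
From: "Zoom" <no-reply@zoom.us>
To: employee@corp.example
Subject: Quarterly All Hands
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><a href="https://us02web.zoom.us/j/0000000000">Join</a></body></html>
"""

if __name__ == "__main__":
    for name, raw in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(name, analyze(raw))
```

A check like this only covers the brand-versus-domain mismatch; it does not replace SPF, DKIM and DMARC evaluation, and it will not flag mail sent from a compromised legitimate account.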

#24 Udemy Free Credits Scam

Compromise Rate: 23% | Personalization: First Name, Company | Attack Type: Credential Compromise (Link)

Udemy is an online learning platform for professional adults and students. It was founded in May 2010 and has become one of the leading platforms in the online learning space.

Udemy Free Credits Email

  • What is this email? Utilizing the recognizable Udemy branding and design, this cunning email informs employees that they must log in to claim the USD$200 credit. The catch is in the login attempt.
  • Why is this email difficult to spot? Expertly mimicking Udemy's format, the email includes a personalized message and a straightforward path to claim the credits. The simplicity of just clicking a "Claim Udemy Credits" button adds to its deceptive allure.
  • Who is prone to falling for this phish? Employees in companies that use Udemy for training purposes or offer learning incentives are particularly susceptible to this phishing attempt. Their familiarity with receiving benefits through Udemy makes the scam more believable.

#23 Quarantined Email Scam

Compromise Rate: 28% | Personalization: None | Attack Type: Credential Compromise (Link)

Quarantined emails are emails that an email security system has set aside because they are suspected to be spam, contain malware, or violate certain email policies. These emails are isolated from the user's inbox to prevent accidental access and potential harm.

It's good practice to check your quarantined mail periodically. Doing so helps ensure that legitimate emails are not mistakenly flagged and missed.

Quarantined Phishing Email

  • What is this email? This phishing email masquerades as a notification from the organization's spam filtering software. It prompts employees to sign into their quarantine mailbox to review seven suspected phishing attacks, leveraging a bogus sender profile for authenticity.
  • Why is this email difficult to spot? Checking quarantined emails is routine, making this email seem like a standard procedure. It also injects urgency by stating that the user has only seven days to act, aiming to rush them into bypassing their usual critical thinking.
  • Who is prone to falling for this phish? System administrators, particularly those lacking experience or training in detecting phishing attempts, are likelier to fall for this scam. Their familiarity with email security processes can ironically make them less cautious about such seemingly routine notifications.

#22 Salesforce Password Expiry Scam

Compromise Rate: 25% | Personalization: None | Attack Type: Credential Compromise (Link)

Salesforce is a leading cloud-based software company primarily known for its customer relationship management (CRM) service.

Given its widespread use and prominent position in the business software landscape, Salesforce is a key player in many companies' digital transformation.

Salesforce Password Expiry Email

  • What is this email? This phishing email plays the familiar tune of a "password expiring soon" alert. It warns users they have only three days to reset their password. Clicking the 'reset password' button or any link within the email directs them to a bogus company login page.
  • Why is this email difficult to spot? The commonality of legitimate password expiry emails adds to the confusion. Coupled with convincing Salesforce branding, distinguishing this fake from the real deal becomes challenging.
  • Who is prone to falling for this phish? Employees in organizations that utilize Salesforce are particularly susceptible. Familiarity with receiving such password-related communications from Salesforce makes them prime targets for this phishing attempt.

#21 Return to Work Survey Scam

Compromise Rate: 26% | Personalization: First Name | Attack Type: Endpoint Compromise (Attachment)

Scammers exploit global events like COVID-19 to blend malicious emails with legitimate corporate communications. As companies return to office work post-pandemic, these phishing attempts find fertile ground.

Return to Work Survey Email

  • What is this email? This email urges employees to download and return an attached document, framed as a survey, for feedback on returning to the office. It taps into the innate desire to be heard and share opinions about this significant transition.
  • Why is this email difficult to spot? The email's authenticity is bolstered by personalized content and a lack of obvious red flags. Only a closer inspection of the sender's profile reveals its true, malicious nature.
  • Who is prone to falling for this phish? Employees in organizations currently navigating the shift back to office work are prime targets. Additionally, those who value having their voices heard or hold strong opinions about workplace policies might be less cautious.

#20 Win An iPhone 15 QR Code Scam

Compromise Rate: 21% | Personalization: First Name, Company | Attack Type: Credential Compromise (QR Code)

QR code phishing, also known as "quishing," poses significant dangers due to the growing popularity and convenience of QR codes. We just had to include one in the list!

With the rise in QR code usage for payments, menus, and information sharing, especially post-pandemic, there has been an increase in QR code phishing attempts. Cybercriminals capitalize on the ubiquity and trust in QR codes to execute various scams.

Win An iPhone 15 QR Code Email

  • What is this email? This email, seemingly from HR, promotes a company competition with an iPhone 15 as the prize. All you need to do is scan the QR code to get started...
  • Why is this email difficult to spot? An exciting contest combined with the ease of entry via a QR code makes this phishing email particularly convincing. Its expertly crafted appearance and feel closely mimic legitimate corporate communications.
  • Who is prone to falling for this phish? Employees drawn to the thrill of winning, especially tech enthusiasts eager for the latest gadgets, are most likely to be enticed into scanning the QR code without due caution, making them prime targets for this phishing tactic.

#19 Lyft Free Rides Scam

Compromise Rate: 27% | Personalization: First Name, Company | Attack Type: Credential Compromise (Link)

Lyft is an American ride-sharing company based in San Francisco, California. Founded in 2012, Lyft offers various services, including car rides, a bicycle-sharing system, and a food delivery service. The company is known for its mobile app, which allows customers to book a ride with a nearby driver using their smartphone.

Lyft Free Rides Email

  • What is this email? Disguised as a message from HR, this email entices employees with the offer of 10 free Lyft rides as part of a company initiative. Clicking the phishing link leads to a prompt for company login credentials.
  • Why is this email difficult to spot? Blending a typical company incentive scenario with Lyft's branding, the email convincingly bypasses suspicion for those not well-versed in spotting such deceptions.
  • Who is prone to falling for this phish? Employees in companies that routinely use Lyft or offer perks like freebies are particularly susceptible to this convincing phishing scheme.

#18 Qantas Frequent Flyer Scam

Compromise Rate: 30% | Personalization: First Name, Date/Time | Attack Type: Credential Compromise (Link)

The Qantas Frequent Flyer program is a customer loyalty program offered by Qantas Airways, Australia's largest airline. This program rewards frequent flyers and encourages customer loyalty towards Qantas and its partners.

Qantas Frequent Flyer Email

  • What is this email? This email mimics an alert for unusual account activity. The email presents two options: "No, this wasn't me" and "Yes, this was me." Both buttons deceptively lead to a fake Qantas login page.
  • Why is this email difficult to spot? Its severity makes it alarming, potentially triggering panic. In haste to secure their account, employees often overlook the usual checks to identify a phishing attempt.
  • Who is prone to falling for this phish? Those personally using Qantas Frequent Flyer, or employees in businesses that do, are especially vulnerable to this well-crafted scam email.

#17 Fake Meeting Scam

Compromise Rate: 30% | Personalization: None | Attack Type: Credential Compromise (Link)

Google Meet is a powerful video conferencing tool that many businesses and individuals around the globe commonly use. Due to its popularity, most employees have seen this type of "Join The Meeting" email, making it a popular choice as a phishing email.

Fake Meeting Email

  • What is this email? Posing as a Google Meet invite, this email tricks employees into clicking a link that leads to a fraudulent site designed to harvest their credentials.
  • Why is this email difficult to spot? It mimics a legitimate and familiar format, creates urgency with a 'now' timing, and includes the employee's email in the body, enhancing its authenticity.
  • Who is prone to falling for this phish? Individuals who overlook verifying the sender's information are particularly susceptible. Additionally, organizations that frequently use Google Meet as their primary video conferencing tool face a heightened risk of falling prey to this scam.

#16 Western Union Wire Transfer Scam

Compromise Rate: 32% | Personalization: First Name, Last Name, Company, Date/Time | Attack Type: Credential Compromise (Link) & Endpoint Compromise (Attachment)

The Western Union Wire Transfer Scam is a sophisticated phishing attack that leverages Western Union's reputation. This scam preys on the trust and urgency typically associated with wire transfers.

Western Union Wire Transfer Email

  • What is this email? This deceptive email cunningly impersonates an official communication from Western Union, luring the recipient into believing they are about to receive a substantial sum of money. The email prompts the unsuspecting individual to confirm receipt of this amount by completing an attached document. Additionally, it cleverly includes a link leading to a fraudulent Western Union login page.
  • Why is this email difficult to spot? The difficulty in identifying this email as a scam arises from its expert use of Western Union's trusted reputation and the email's personalized information tailored to the recipient.
  • Who is prone to falling for this phish? Virtually any employee who finds this email in their inbox risks falling prey to this phishing attempt. The risk is significantly heightened in organizations that frequently use Western Union for business transactions.

#15 New Years Bonus Scam

Compromise Rate: 42% | Personalization: First Name, Last Name, Company | Attack Type: Endpoint Compromise (Attachment)

As the year winds down and the festive spirit takes over, the New Year's Bonus Scam emerges as a particularly insidious threat. This scam plays on the expectations and excitement surrounding end-of-year bonuses, a time-honored tradition in many organizations.

New Years Bonus Email

  • What is this email? This email, disguised as an HR announcement, tempts employees with a large bonus, luring them to complete a form. Its unusual nature doesn't deter 42% of employees, swayed by the cash promise.
  • Why is this email difficult to spot? This text-based email cleverly uses personalized details, creating urgency and authority. Combined with the promise of financial gain, it embodies classic phishing tactics, making it difficult to spot.
  • Who is prone to falling for this phish? Employees who don't pause to scrutinize the email's authenticity, especially in their eagerness for the bonus, are most susceptible to this scam.

#14 Office Holiday Party Scam

Compromise Rate: 44% | Personalization: None | Attack Type: Credential Compromise (Link)

Who doesn't love an office party? This generic email has no personalization yet still fools many employees. Its innocuous content ensures that no red flags are raised, which means it's extremely dangerous.

Office Holiday Party Phishing Email

  • What is this email? A seemingly innocent email poses as Google Drive, inviting you to an "Office Holiday Party" with a simple "Open" button. Clicking leads to a phishing site aiming to snatch your Gmail credentials.
  • Why is this email difficult to spot? Leveraging Google's trusted brand and our innate curiosity, this email contains no personalization. Its simplicity and harmless appearance make the email an effective phishing attack.
  • Who is prone to falling for this phish? Curious individuals, drawn in by the mention of an office party, are most likely to fall for this cleverly disguised phishing attempt.

#13 Job Opportunity Scam

Compromise Rate: 57% | Personalization: First Name, Last Name | Attack Type: Endpoint Compromise (Attachment)

In an age where career growth and job changes are commonplace, the allure of a high-paying job offer can be irresistible. This is what cybercriminals capitalize on in the Job Opportunity Scam.

Job Opportunity Phishing Email

  • What is this email? Disguised as an offer from HR, this email dangles a job with a hefty salary and generic requirements and asks you to fill out and return an attached file.
  • Why is this email difficult to spot? The email's cunning lies in its personalization and simplicity, addressing you by your full name, making it seem credible and hard to doubt.
  • Who is prone to falling for this phish? This email is generic and has proven to be extremely difficult to spot. Any employee curious or motivated by financial gain is prone to falling for this phish.

#12 Bank of America Suspended Account Scam

Compromise Rate: 30% | Personalization: First Name, Last Name | Attack Type: Credential Compromise (Link)

Bank of America is one of the largest financial institutions in the United States of America. It’s used by a mixture of consumer and business customers and provides a wide variety of banking services.

This has made it a popular target for cyber criminals who typically utilize phishing to either steal banking credentials or install banking malware. Like many banks, Bank of America periodically sends out emails to their customer base, whether marketing-related, transactional, or even scheduled.

Bank of America Phishing Email

  • What is this email? This email is masquerading as a Bank of America suspended account notification. It’s notifying the recipient that unusual activity has been detected on their account, and accordingly, an account hold has been put in place. To remedy this, the email tries to entice the recipient to click a button, which then leads to a phishing website.
  • Why is this email difficult to spot? This email uses a high degree of personalization, using the recipient's first and last names within the email body. Further to this, it’s easy for this email to mix in with the flurry of legitimate emails that Bank of America periodically sends out.
  • Who is prone to falling for this phish? Employees who use Bank of America as their banking institution. Typically, this will only be for a subset of employees located in the United States of America.

#11 DocuSign Signature Request Scam

Compromise Rate: 30% | Personalization: None | Attack Type: Credential Compromise (Link)

DocuSign is a popular online service for handling digital agreements. In many cases, the request to exchange and sign an agreement is sent through email. Because of this, DocuSign-themed scams are enticing for attackers to use.

DocuSign Phishing Email

  • What is this email? This email is masquerading as a DocuSign signature request, where the recipient is asked to click on a link to review and sign a document.
  • Why is this email difficult to spot? It’s not uncommon that DocuSign signature requests come through at unexpected times. It could be that you need to sign off that you’ve read a certain policy, performed an annual training, or done a variety of other actions. Because of this, recipients of DocuSign emails have become trained to expect unsolicited emails appearing to come from DocuSign.
  • Who is prone to falling for this phish? Any employee is prone to this phishing email.

#10 Microsoft OneDrive File Share Scam

Compromise Rate: 31% | Personalization: None | Attack Type: Credential Compromise (Link)

Microsoft OneDrive is a core product within the Microsoft 365 Suite of products. It’s used for both cloud-based file storage and collaboration between colleagues, partners, and customers. When a file is shared using Microsoft OneDrive, the notification arrives through email, which explains why this scam is so successful.

Microsoft OneDrive Phishing Email

  • What is this email? This email is masquerading as a Microsoft OneDrive file share email. It notifies the recipient that they’ve just been sent a Word document relating to employee performance reports and prompts the recipient to click a link in the email to view the document.
  • Why is this email difficult to spot? While this email contains no personalization, it’s trying to invoke an emotional response in the recipient because this file has likely been shared with them by accident and contains sensitive information that they would want to know about. If the recipient is a little bit too curious, they’ll click the phishing link without properly analyzing the email.
  • Who is prone to falling for this phish? Employees who use Microsoft OneDrive will be particularly susceptible to this email, but because Microsoft OneDrive is frequently used to share files with non-Microsoft users, any employee could be susceptible to this phish.

#9 Microsoft Teams Missed Message Scam

Compromise Rate: 31% | Personalization: First Name | Attack Type: Credential Compromise (Link)

Microsoft Teams is a favorite among large businesses. It includes a plethora of functionality and integrates with a wide variety of Microsoft Office products.

When adopted by a business, typically, every employee will gain access to the Microsoft Teams Platform, so it comes as no surprise this email ranks number 9 on the list.

Microsoft Teams Phishing Email

  • What is this email? This email is masquerading as a Microsoft Teams missed message notification. It’s notifying the recipient that a team member tried to contact them about an upcoming leave request they’ve made. It then prompts the recipient to message the sender back by clicking a button.
  • Why is this email difficult to spot? When someone is away from their desk or misses a message, it’s common to get an email from Teams keeping them updated on everything that’s happened in their absence. While this email contains no personalization, it fits into the theme of generalized notifications that Microsoft Teams sends out and can easily be overlooked as just another legitimate notification.
  • Who is prone to falling for this phish? Any employee who uses Microsoft Teams.

#8 Slack Password Reset Scam

Compromise Rate: 32% | Personalization: None | Attack Type: Credential Compromise (Link)

Slack needs no introduction. It’s one of the most popular communication and collaboration platforms in the world.

Employees use Slack every day to communicate with their colleagues and even customers. Receiving email notifications from Slack is a common occurrence, making it no surprise that this phish is as effective as it is.

Slack Phishing Email

  • What is this email? This email is masquerading as a Slack password reset notification. It’s notifying the recipient that their password is due to expire in the next 24 hours, and a new password needs to be set.
  • Why is this email difficult to spot? While this phishing email contains no personalization, it doesn’t need it. The email instead relies on the urgency of the request to entice the recipient into immediate action. This action takes the form of a phishing link, which is the primary call to action.
  • Who is prone to falling for this phish? Any employee who uses Slack.

#7 LastPass Suspicious Login Scam

Compromise Rate: 33% | Personalization: First Name | Attack Type: Credential Compromise (Link)

With the average person using more and more online services, it’s become increasingly difficult to keep track of all the passwords used to log in to them.

While many people are enticed to re-use passwords, the ever-growing number of data breaches has made a lot of people aware of the risks associated with credential re-use. If an attacker steals your credentials from a data breach for one online service you use, they could potentially log in to all the services you use!

It’s for this reason that password managers such as LastPass have become so popular!

LastPass Phishing Email

  • What is this email? This email is masquerading as a LastPass suspicious login notification. It’s notifying the recipient that someone just used their master password to log in from an unrecognized location.
  • Why is this email difficult to spot? For anyone who uses a password manager, receiving an email such as this is their worst fear. Password managers essentially hold the crown jewels and store all the sensitive secrets and credentials for anyone who uses them. With this in mind, this email is designed to invoke a fearful response in the recipient, causing them to interact with it without applying critical thinking. The additional use of light personalization increases the realistic look and feel of this email.
  • Who is prone to falling for this phish? Any employee who uses the LastPass password manager.

#6 FedEx Shipment Scam

Compromise Rate: 33% | Personalization: First Name, Last Name | Attack Type: Credential Compromise (Link)

Expecting to receive a package? The interesting thing about being the receiver of a package is that you often aren’t the one who chooses who the actual courier is. In many cases, you just receive a notification from the courier, and you have to trust that what they’ve sent matches with what you’re expecting.

FedEx Phishing Email

It’s the unexpected nature of these notifications that makes this phish so dangerous! Forgive the pun. Let’s unpack this email and learn what makes it so devious.

  • What is this email? This email is masquerading as a FedEx shipment tracking notification. It advises the recipient that they have a package in transit and entices them to click the tracking link.
  • Why is this email difficult to spot? It’s not an uncommon scenario that packages are received without prior notification. It could be a present from someone, a gift from an individual's workplace, or perhaps even a delivery that’s just been forgotten. These factors can make a normally unexpected email seem normal. Couple that with some personalization in the form of the recipient's first name, and we have an effective scam.
  • Who is prone to falling for this phish? Any general consumer or employee is vulnerable to this phish.

#5 HR Policy Violation Scam

Compromise Rate: 35% | Personalization: First Name, Last Name, Company | Attack Type: Credential Compromise (Link) & Endpoint Compromise (Attachment)

The dreaded email from Human Resources (HR). With an average of 35% of employees being compromised, we recommend using this phish with care!

HR Phishing Email

  • What is this email? This email is masquerading as an email from the HR team, notifying the receiving employee that they’ve violated company policy and viewed inappropriate material on their work computer.
  • Who is prone to falling for this phish? Due to the general nature of the phish, any employee could fall for it.
  • Why is this email difficult to spot? This email can send shivers down the spine of anyone who receives it. It leaves the recipient questioning, what was it that I did? How bad was it? Did I run the wrong search on the wrong computer? In any case, it leaves the recipient with a feeling that they need to prepare their defense, and the first part of that is viewing the purported evidence. Adding an additional layer of deviousness, this email contains a phishing link, a phishing attachment, and a high degree of personalization.

#4 Prezzee Gift Scam

Compromise Rate: 36% | Personalization: First Name, Company | Attack Type: Credential Compromise (Link)

Do you love gift cards? Well, so do cyber criminals! It provides them with a means of stealing money from unsuspecting victims without the hassle of needing to launder the money through banks or credit card companies.

Prezzee is a popular service used by consumers and businesses for sending and managing gift cards. This makes it a popular target for financially motivated attackers looking to scam people.

Prezzee Phishing Email

  • What is this email? This email is masquerading as Prezzee. Specifically, it appears to be a company-issued gift card that’s being provided to the receiving employee due to their high performance.
  • Why is this email difficult to spot? This email contains an element of personalization with the receiving employee's first name and the name of the company they work for being used within the email body. This email also relies on inciting excitement within the receiving employee, which could cause them to bypass the critical thinking normally applied to an unexpected email.
  • Who is prone to falling for this phish? Any employee who is familiar with the Prezzee gift card service or views themselves as a high performer and deserving of a reward, raise, or other form of bonus.

#3 Gmail Blocked Login Scam

Compromise Rate: 38% | Personalization: None | Attack Type: Credential Compromise (Link)

Coming in third, we have another Google-themed scam, which compromises 38% of employees on average!

Google Mail, otherwise known as Gmail, is an incredibly popular email collaboration tool that is used by both consumers and businesses. It has become so popular predominantly due to its accessibility, cost, and native integration with other Google products.

While this makes it a great tool for its users, its sheer popularity makes it an attractive target for phishing emails.

Gmail Phishing Email

  • What is this email? This email is masquerading as Gmail. More specifically, it appears to be a security notification that advises the recipient that Google just blocked a suspicious login attempt and that the recipient's password has potentially been compromised.
  • Why is this email difficult to spot? While this email contains no personalization, the sheer urgency and fear it sparks in recipients is enough to make it difficult to spot. This email relies on recipients having an emotional response and not critically analyzing the email.
  • Who is prone to falling for this phish? Anyone who uses Gmail or other Google-provided products.

#2 Jira Notification Scam

Compromise Rate: 47% | Personalization: First Name, Last Name | Attack Type: Credential Compromise (Link)

Jira is one of the most popular issue and project tracking tools on the market. Employees who use it have come to love the service it provides because it's designed to help teams collaborate and make everyone’s life easier.

The downside of this is that it makes it a prime target for attackers to use for phishing!

Jira Phishing Email

  • What is this email? This email is masquerading as Jira, the issue and project tracking software. Specifically, the email appears to be a Jira notification notifying the recipient that they’ve been assigned a new task.
  • Why is this email difficult to spot? This email contains a high degree of personalization, including the employee's first name and last name. This personalization, along with the usage of Jira logos, terminology, and the transactional nature of the email, makes it particularly difficult to spot.
  • Who is prone to falling for this phish? Software developers, project managers, product managers, and IT administrators would be particularly susceptible to this type of phishing email. As these employees typically have elevated access within businesses, it makes this phishing email particularly attractive to cyber criminals.

#1 Google Drive File Share Scam

Compromise Rate: 54% | Personalization: Company | Attack Type: Credential Compromise (Link)

With an average of 54% of employees being compromised, this Google Drive scam is the most dangerous of the lot!

This should come as no surprise. Employees who use Google Workspace typically receive Google Drive file-share emails on a daily basis. An email such as this is uniquely positioned to not raise any alarm bells from the employee viewing it while still being engaging enough that they’re enticed to click on the payload.

Google Drive Phishing Email

  • What is this email? This email is masquerading as the Google Drive service. Specifically, it appears to come from the HR team and entices individuals to click on a link that leads to an updated company organizational chart.
  • Why is this email difficult to spot? By masquerading as a commonly used service, it can easily blend into the mix of other emails an employee would receive on any given day. It additionally introduces a layer of urgency by indicating that a sudden change has taken place, and it's in the employee's best interest to find out what changes took place.
  • Who is prone to falling for this phish? Any employee who uses Google Workspace.

Wrapping Up

Cyber criminals are continuously improving the tactics and techniques they use to socially engineer victims through phishing.

To protect against this, it’s essential to use simulated phishing emails to develop a human firewall. As employees progressively become better at spotting phishing attacks, it’s important to start delivering more and more dangerous phishing emails that are harder to detect. In some cases, this may require the creation of custom phishing emails.

Through this progressive and continual learning, employees will be well-equipped to fend off cyber criminals and avoid phishing attacks!