The most common headlines in phishing emails

In 2014, a breach exposed details of three billion Yahoo users. In 2016, Sony Pictures employees saw their sensitive personal information leaked along with thousands of company documents. What do these two attacks have in common? Both started with a phishing email.

"Email threats are still one of the most common ways for cybercriminals to gain access to sensitive information or install malware," warns Roman Cuprik from the global digital security firm's team ESET. Most known phishing cases target anonymous people , but it is not uncommon for attacks to be directed at very specific people who handle sensitive information. And, as ESET researchers point out, in 2022, this type of threats saw an annual increase of almost 30%.

As AI language models make it easier to write emails, chances are these numbers will increase!

Phishing attacks are a form of social engineering that prompts us to react with a sense of urgency and curiosity. While we can all fall victim to this type of attack, we can also learn to avoid it. Let's take a look at some examples of the most common phishing attacks used to trick us.

  1. "Your session has ended. Click here to log in again.”

In one of the most common phishing tactics, scammers simply tell you that you've logged out of an account and ask you to fill in your credentials. Clicking on the link will take you to a website that looks very much like the real thing. The difference, however, is that once you put in your credentials these will be immediately sent to cybercriminals, who will then use them to gain access to your information. In some cases, they may even log into your account and change your password.

This technique is based on the habit of users to automatically respond to such messages without thinking about the content or without checking for typical signs of a phishing message.

For example, last year GitHub Security warned about emails pretending to come from the popular CI/CD software development platform CircleCI. Scammers would send a “session timed out” notification and ask you to log in again using your GitHub credentials. “We noticed some unusual activity on your account. Please verify”.

With this ploy, cybercriminals try to create a sense of urgency. Who wouldn't want to avoid suddenly losing an account? Usually, these emails copy messages from legitimate services like Amazon, PayPal, etc.

For example, in late 2018, the United States Federal Trade Commission (FTC) issued a warning about phishing emails that appeared to be sent by . These emails claimed that an account was put on hold due to some error with payment information, asking users to update their billing information using an embedded link, which was of course malicious and used to obtain login credentials.


Similarly, the Apple customers were targeted in 2016, when scammers tried to steal their personal information with phishing emails that claimed users needed to reconfirm their account information because "a virus" had allegedly been found in Apple's iTunes database.

  1. “You must make payment immediately”

Impersonating corporate email accounts has long been the champion among spearphishing campaigns that target a specific individual or group of employees at a selected company.

Before sending these fake emails, scammers learn as much as possible about company structures, details, jargon, etc. of a business so that the phishing email is indistinguishable from a genuine one.

Some of these emails are specifically addressed to employees who are responsible for managing cash and financial matters. Cybercriminals pretend to be the CEO or someone higher up who is authorized to instruct the transfer of money and ask the victim to send money to a specific account, supposedly belonging to the CEO or the company.

In 2018, the CEO impersonation was used to steal over C$100.000 from the City of Ottawa. The city treasurer received a fake email from someone pretending to be the city manager, requesting to transfer the amount of money that ended up in the scammers' pockets.

The greedy scammers even tried to trick the cashier a second time, but when they sent a second email the scam was exposed and they were caught in the act.

  1. "Dear candidate..."

These phishing emails are based on fake job offers. They can trick potential victims into clicking on a link or opening malicious files sent along with an email, asking the victim to, for example, create an account and pass their personal information to apply for a job.

For example, the Lazarus threat group has conducted several such campaigns, such as Operation DreamJob, which was discovered by ESET researchers just recently, who lured her victims with fake job offers.


Such scams also exist on popular job boards, so always try to verify that the boss who contacted you or the job offer you see is legitimate.

The campaign targeted Linux users with a ZIP file delivering a fake HSBC job offer as bait

  1. “Due to the current situation…”

Phishing also increases during major events – be it sporting events or a humanitarian crisis. For example, in early 2023, the Fancy Bear threat group organized an email campaign related to the war in Ukraine. The emails carried a malicious RTF file titled “Nuclear Terrorism A Very Real Threat”. Once someone opened the file it would compromise the computer.

  1. "Merry Christmas!"

Holiday scams often take advantage of the shopping season. Emails contain offers that are "too good to be true" or create a false sense of urgency to grab a last minute opportunity!

Another approach for scammers is to send emails with malicious files related to the holidays, such as Christmas cards, gift certificates, etc.

  1. "We can't process your tax return"

Only a few things in this world are certain – death, taxes and phishing emails during tax filing season. Because people file their tax returns, it's no surprise that they will receive an email from the IRS.

Fraudsters abuse this situation by sending fake IRS emails. Usually, they claim that some information is missing and ask for additional personal or financial information.

Other emails offer refunds, while asking for credit card information.

  1. No response required

Some phishing emails have little to no content, tricking you into opening an attachment to learn more about the subject.

For example, the ESET Research uncovered a malicious campaign in 2021 that targeted corporate networks in Spanish-speaking countries using short emails with PDF attachments.

Το θέμα του email μπορεί να είναι τόσο απλό όσο σε αυτή την περίπτωση: “Δήλωση υπηρεσιών Δουβλίνου”- δεν υπήρχε κανένα μήνυμα εκτός από μια υπογραφή και μια επαφή τηλεφώνου στη Βενεζουέλα.


Example of malicious Email

Meanwhile, the attached file is a simple PDF file with no important content, but it contained a link that redirects victims to cloud storage services, from which the malware can be downloaded.

How to protect yourself from phishing emails

According to Cuprik from ESET these are the 8 key steps you can take to keep phishing attacks at bay:

  1. Please read the email carefully. Don't click on automatic.
  2. Check if the email address matches the actual domain.
  3. Be wary of unexpected e-mails from a bank, supplier or any other organization.
  4. Check for "red flags," such as urgent or threatening emails that require an immediate response or requests for credentials, personal and financial information. Grammatical errors, spelling errors, and typographical errors are also clues.
  5. Compare the attached URL with the corresponding domain of a legitimate company or organization. If you see something suspicious, don't click on it.
  6. Watch out for deals that are too good to be true and unexpected gifts.
  7. Don't send money in a hurry. If your superior suddenly asks for such a transfer, contact him immediately.
  8. Install a cybersecurity product with built-in anti-phishing tools.

Phishing emails are a widespread threat and even its professionals s may fall victim to this scam. Fortunately, most of these emails are fairly easy to spot if you control the urge to click on links or open attachments before confirming who the sender is. The Best Technology Site in Greecefgns

Subscribe to via Email

Subscribe to this blog and receive notifications of new posts by email.

Written by newsbot

Although the press releases will be from very select to rarely, I said to go ... because sometimes the authors are hiding.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).