Example Phishing Email
Below is an example of a phishing email that a lot of organisations will commonly receive on a daily basis. We've highlighted the tell-tale signs that something is not right.
Subject: Urgent: Unusual Activity Detected on Your Account
Dear Customer,
We have detected unusual activity on your account and, for your security, we have temporarily limited access.
To restore full access, please verify your details immediately by clicking the link below:
Verify Your Account Now: http://secure-account-check.example.com
Failure to verify your account within 24 hours may result in permanent suspension.
If you believe this activity is not related to you, please contact our support team immediately.
Thank you for your cooperation.
Sincerely,
Account Security Team
Customer Protection Department
Why Is It Suspicious?
It uses “Dear Customer” instead of your actual name. Legitimate companies usually personalise emails.
Phrases like “urgent,” “within 24 hours,” and “permanent suspension” are designed to pressure you into acting quickly without thinking.
The URL (secure-account-check.example.com) doesn’t match a real, trusted domain. Phishing links often imitate official names but are slightly off.
Uses terms like “Account Security Team” and “Customer Protection Department”. Sounds official but is generic and unverifiable.
Other Suspicious Elements
Use the boxes below to explore the other reasons we could tell this email wasn't legitimate.
We don't recognise the email address.
It's not from an organisation we deal with.
We were not expecting to receive this email.
The email contains a link.
