Image

Signs of Phishing - Example #1
Image

- The Subject line.
- AMAZON is in all caps. This is not the casing that Amazon uses.
- The timestamp is in the future. While it’s entirely true that Amazon may not know your time zone, it’s unlikely that a valid email would ever contain a timestamp that is incorrect, as that causes confusion. In this case, the time stamp is used alongside the word “banned” to create a sense of urgency. When something feels urgent, we tend to rush, which increases the likelihood of someone clicking on a link in this email.
- The From line.
- This email is from [email protected], or rather it looks like it is. This is actually the display name. Looking at this second image makes that much clearer. Additionally, emails from Amazon will typically have an actual display name like “Amazon Answers” or “Amazon Marketplace”.
Image

- The Body
- The grammar and punctuation. “Someone tried to make purchase using your account.” There is no capitalization and “make purchase” is not proper English. One should also question why “security and integrity issues” would lock your account. Similarly, “you should update your information in advice to continue using your account” is not right. What is “in advice?” This is clearly language that has been put through Google Translate or a similar service.
Signs of Phishing - Example #2
Image

- The Subject line
- Why would you get an order confirmed and accepted email letting you know that your account is not secure? The subject just doesn’t match the body of the mail.
- The From line
- While this one isn’t an email address, the display name is not much better. “Apple ID” is not an Apple Service. Why would the email come from that display name? I am an Apple customer, and I’ve never gotten an email from “Apple ID.” When you get an email like this, it is important to ask yourself if you have received an email from this sender before. While the display name isn’t a guarantee that it is the same sender, a display name that you’ve never seen before should definitely be questioned.
- The Body
- Again, we have the grammar issues, and there are a few of them:
- “For your protection, your Apple ID is automatically disabled.”
- “is automatically disabled” simply doesn’t make sense here.
- “We detect unauthorized login attempts.”
- “detect” instead of “detected”
- “concerns we have for the security and integrity of the Apple community.”
- There’s nothing wrong here grammatically, but why would this impact the Apple community?
- “For your protection, your Apple ID is automatically disabled.”
- Again, we have the grammar issues, and there are a few of them:
Signs of Phishing - Example #3
Image

Image
