Skip to main content

Spot phishing emails thanks to these real-life examples

By Allstate Identity Protection

Given the sheer volume of emails you receive every day paired with the rise of artificial intelligence-generated email scams, it's becoming increasingly difficult to avoid the digital dangers of phishing. But you don’t have to fall for the fakers. First, check out real-life phishing examples to see how cybercriminals impersonate people and institutions you might be affiliated with. Then, follow our safeguards before responding to an email or acting upon it.

In business and personal life, email has become the norm. In fact, an average day might bring you over 100 emails.

Factor in all the times you signed up with a retailer to get a discount off a purchase, the many times your information was sold to a third party, and the ads you keep getting because you “liked” a mouthwatering post by a meal service, and you can see how your inbox quickly fills up.

As you weed through which emails to open and respond to and which to trash and report as spam, how can you separate fact from fiction?

Phishing emails (those that mimic legitimate emails to get your personal information, money, or both) are rampant. Given that Statistica reports advertising emails get a higher click-through rate than the same content on social media, it makes sense that scammers are sticking to phishing emails as their preferred means of communication.

The Federal Trade Commission (FTC) reports a similar pattern: email was the most common method of contact among fraud reports last year.

Real examples of phishing emails

Scammers must continuously evolve to stay in business. One of the latest innovations involves using artificial intelligence (AI) to create phishing communications that are more personal, more specific, and more layered.

By using AI to pull information about you from your social media accounts, the dark web, and other sources, scammers can craft phishing emails that incorporate details like your alma mater, your child’s lab professor, or even your company’s tech department.

The University of California Berkeley has had enough of phishing. In 2023, students, parents, staff, and faculty affiliated with the school reported victims lost an average of $2,515 each from scammers appearing to be affiliated with the top learning institution.

On “The Phish Tank,” the Berkeley Information Security Office posts examples of real phishing emails and texts received by those affiliated with the school.

Example one: The fake QR code  

This email bore the insignia of U.C. Berkeley alongside its logo. When scanned, a QR code on the email took the recipient to a site with a malicious link they were asked to click. This phishing example uses fear, urgency, and respect for authority to hook victims.  

Quick Guide

Sample phishing email

Due to recent security, This email is to confirm 2-factor authentication for all University of California, Berkeley email recipients. You’re hereby required to complete exercise with the mobile number you want your 2-Factor Authentication set to.

Scan QR code below to complete authentication. 

How can you tell this phish was a fake? First, the email has typos. It’s also pressuring you to do something that will entail sharing personal information — in this case, your phone number.

It tells you to scan a link, which is the same as asking you to click on a link, a big no-no for suspicious emails.

Example two: The impersonator

The professor in this example is an actual instructor at U.C. Berkeley. The student mentioned did work with the professor in a lab, and the pupil was indeed the child of the parent who received the phishing email.  

Quick Guide

Sample phishing email

On Tues, Jan 9, 2024 at 1:16 PM N**** Bhatla ≤**bhatla0517@gmail.com> wrote:

Hello,

As you know, [your son] had an accident at the lab involving our neural imaging machine ….. the cost of repairs and replacement parts is $124,000. 

Fortunately, our grants cover the cost of repairs and replacements of our lab equipment. However, as our grants do not come in until [date], we will split the cost of repairs with [your son] for now. As we discussed, [you] will be providing $52,000 and myself the rest.

This is only for the time being, as [you] will later be reimbursed through our grants when we receive them.

Reimbursements using grant money can only be sent to lab members. Thus, [your] portion of the repair cost must be sent by [timeframe] … reimbursement will be sent back to [you] by check or transfer.

Best regards,   

**** 

Note: Added asterisks and brackets protect those who were mentioned. 

The biggest tell that this is a phishing attempt is that there’s an urgent element to the request. The sender expected the parent to pay for the child’s accident.

Another tip off? The sender’s email address is for a Gmail account, not a formal university one with an “.edu” suffix.

Example three: The bogus job

This is a multi-pronged scam — called “spear phishing” — in which one email leads to another or perhaps to a related text. Because of the string of communication, recipients can more easily be lulled into believing the conversation is authentic and not an AI-generated circuit. 

Quick Guide

Sample phishing email

University of California, Berkeley 

The faculty/department of Computer Science urgently needs undergraduates to work virtually as research assistants at $350 per week.

Note: Candidates should be proficient in Microsoft Office and have a solid understanding of its capabilities (Excel, Word, and PowerPoint).

Your job will be done remotely, and you can accomplish all remote chores whenever it's convenient for you to do so. The position is open to all university undergraduates from all departments.

Please text Prof. **** Arcak at if you would (510) 216-**** like to continue with the application process. Please provide your full name, email address, department, and year of study in order to get the job description and other application requirements.

Best Regards, 

C/O 

Prof. **** Arcak 

Title: Professor 

Department of Computer Science 

University of California, Berkeley 

P: (510) 216-****” 

Note: Added asterisks and brackets protect those who were mentioned. This same phishing scam played out over Facebook as well. 

 One of the biggest red flags in this example is that the recipient did not sign up to get such emails. 

The sender requested personal information, including full name, email address, department, and year of study, which indicates that a follow-up message might ask for even more sensitive information or a fee to officially “apply”. And typical of phishing emails, the message contains a few typos.

Example four: The fake job task

This phishing scam was reported by its victim on the Better Business Bureau’s Scam Tracker. It was unaffiliated with U.C. Berkely but includes similar tactics, like capitalizing on something authentically related to the recipient, coming from an illegitimately formatted email address, and making a demand that involves the recipient’s own finances. 

Quick Guide

Sample phishing email

I received an email that appeared to be from my university (but was actually from a gmail account) for a job which I then applied for. I was given 4 checks to deposit [into my own account] for a total of approx $5000 (which all turned out to be fraudulent) and told to transfer money which I did. They kept asking [f]or more and more and when the transfers via zelle, cashapp, etc, started to be turned down by the apps, I was given two more checks to deposit ($5000) and told to go buy Apple Gift Cards. I did this. It all happened very quickly (within 2 days) before my family got involved and I stopped contact with them. I lost $8200. 

The Gmail account is the first red flag. Money laundering — albeit with worthless checks — was involved. The “job” required the recipient to use their own bank account and cash apps. The “employer” asked the recipient to purchase gift cards.

How to protect yourself from phishing emails

No matter how a scammer first approaches you, there are clues that can alert you to a phishing scam, as all the examples in this article showed.

Any time you receive an email, follow these steps before responding or taking any action:  

  • Cross-check where the email came from. The email domain (or name after the @ symbol in the email address) should match the name and company of the sender. Keep an eye out for minor spelling errors. 

  • Follow up on unexpected emails via an alternate medium — phone, text, etc. See if others in your organization got the same email. Ask yourself, “Did I give this person my email address?”   

  • Beware of urgent requests for money or personal information, from your full name and your birthdate to bank routing numbers and your Social Security information.     

  • Cross-reference scam trackers. The Better Business Bureau’s Scam Tracker posts thousands of scams self-reported by victims. Do any of them match up with the email you received?  

  • Don’t scan QR codes embedded in emails. The FTC warns of urgent messages prompting you to scan a code and advises you to inspect the popup URL.    

  • Question any government agency demanding personal information, money, or immediate action on your part. Even FTC officials and employees are being spoofed.  

If you suspect you’ve been targeted by a phishing attempt, report it. Forward phishy emails to the FTC (reportphishing@apwg.org), the Better Business Bureau, and your office’s tech department. Mark suspicious emails as spam, as reporting and flagging these emails will protect you and others from future attacks.

And, if you’re an Allstate Identity Protection member and need any additional help navigating the ever-changing world of phishing, don’t hesitate to give us a call. We’re here to help. 

Share this content to your social channels