6 Common Types of Phishing Attacks

Account verification phishing emails appear to come from a well-known company (i.e.: Netflix) and will ask you to sign in and “correct an issue” with your account.

You will usually find a link that will point you to a website pretending to be a company’s legitimate site — this is where the hackers will ask for your login credentials.

TIP: Do not click any links in the email — directly log in to your account by typing the address into your web browser. If you are unable to log in, contact the service using official contact information.

This type of email contains a link to what appears to be a shared file on Google Docs, Dropbox or another file-sharing website.

Again, the email will contain a link which points to a page pretending to be a file-sharing site and requests you log in

TIP: Do not click any links in the email. Instead, log in to your account and find the shared file by name. Remember to verify sender identity and use established cloud file sharing services.

These types of phishing emails come from a domain similar to the DocuSign domain.

Much like the others, a link will prompt you to sign in to view the document, giving attackers total control of your inbox. These types of phishing schemes can be tricky if you’re an avid user of DocuSign (or alike) tools.

TIP: DocuSign never attaches items to email — attachments are likely malicious. Instead, access your documents directly at www.docusign.com.

These types of malicious emails contain a document presented as an unpaid invoice and claim service will be terminated if the invoice is not paid.

Unpaid invoice phishing scams usually target individuals (by pretending to be a retailer) or businesses (by impersonating a vendor or supplier).

TIP: Do not reply to the email. Contact the vendor/service directly using official contact information before submitting payment.

These types of phishing attacks appear to come from popular delivery services (FedEx, UPS, etc.) or online retailers and include a delivery notification with a malicious link or attachment

TIP: Do not click links or open attachments in unexpected delivery notifications. Instead, visit the delivery service’s official website and enter the tracking information, or call the delivery service’s official phone number.

Emails appearing to come from a government tax revenue agency (e.g., IRS in the U.S.).

These types of scams will claim you are delinquent on your taxes and will provide a means to fix the issue before additional fines or legal actions are pursued.

TIP: Never share personal or financial information via email. Only use official communication channels to contact revenue agencies!