We show you how to identify phishing emails examples, what to do with suspicious emails and what to do if you've been scammed online.
myGov phishing email example

How to identify phishing emailsHow to identify phishing emails

For years thieves & scammers have been out on the world wide web phishing for our personal information. Every day thousands of legitimate-looking emails from reputable brands are received in our email inboxes. 

The difficult part can be working out how to identify phishing emails. Seeing real examples of suspicious emails helps us identify scammers. We have taken 4 recent examples of phishing emails from January and February 2023.

TLDR: The fastest way to identify phishing emails is to look at the From Address and mouse over links in the email body. Verify that the address the email has come from is genuine and the URL buttons are legit. If you are not sure of what to do request a free small business IT health check.

Phishing email examples & how to identify phishing emails

We’ve put together a comprehensive list of phishing email examples with images. Review the list below so you can familiarize yourself with examples of phishing emails. The images below are real-world phishing scam emails intended. They are from what look to be very reputable companies such as VentraIP, Australia Post, My Gov (Australian Government) and Apple.

We have also come across phishing emails posing as Cryptocurrencies asking for Bitcoins. Emails from scammers that are sending fake invoices to try to capture your credit card information.

Australia Post phishing email exampleAustralia Post phishing email example

Here’s an example of a phishing email that looks to have come from Australia Post. Even though the From name appears to be genuine we can quickly see an issue with the email address. The address appears to have come from a French domain name which is not right.
In this phishing email example, the scammers are trying to get the user to open a phishing URL. If we hover over the hyperlink we can see that the target destination is nothing to do with Australia Post.
The webpage that it will open will likely be infected with malware or will attempt to steal your personal information.

Phishing email example URL


Apple Store phishing email exampleApple store phishing email example

Once again we can see that although the phishing email says that it’s from Apple it obviously isn’t. This time the scammers are sending the email from Microsoft Outlook’s Hungary domain. The email address is complete gibberish and should not be taken seriously at all.
In this phishing email example, the scammers are pretending that you have been subscribed to an app. In order for you to get out of the subscription you must review your subscription to avoid further charges.

Studying the hyperlinks we can clearly see that it’s a totally bogus website. So we now know how to identify phishing emails from Apple and that we can safely disregard this email and move on.

Appstore phishing email example


myGov phishing email examplemyGov Phishing email example

Here’s an example of how to identify phishing emails from myGov.

At the start of February, we received a phishing email that looked like it came from the myGov which is the Australian Government. Immediately the scammers made the mistake of miss typing the name being My_Gov. Also, we can see that it was sent from a random domain.

The scammers are pretending that there is money available to be refunded to the user and are trying to get them to sign-up. They are also adding time pressure to the attack by stating that ‘this link will expire in 3 days’.

The link that the scam email goes to looks like a shortened URL of some sort. Which ends up on a forbidden page on an Indonesian website.

phishing email example link

phishing PDF exampleHow to identify phishing email attachments

It’s also important to keep an eye out for phishing emails with attachments. As always first check the senders address, if it’s not legitimate don’t open the email attachment. These PDFs will also contain fraudulent links aimed at phishing attacks. 

So make sure you don’t click on web links that are you unfamiliar with without first checking the URL destination.

myGov phishing email attachment

Netflix phishing email scam example


How to identify phishing emails from Netflix you ask? Let’s take a look at the old ‘Your membership will be list!’ phishing email scam!

You can safely ignore the threats about security and your membership will be cancelled. Not clicking on the ‘Click Here’ button is the best way to ensure that you don’t get scammed or hacked.  


How to identify phishing email Attachments

How to identify spear phishing email attachmentsIdentifying Spear phishing email attachments

Here’s how to identify phishing email attachments with some examples. A lot of the spear phishing emails we’ve encountered have come from other countries. In most cases, spear phishing email attachments come in the form of HTML or HTM pages.

In the phishing email attachment on the right, we can see that the hackers are pretending to be sending an invoice and pretending to be for our company. It also looks like they either tried to or are pretending to be using a digital fax service.



Spear phishing email attachment digital faxPhishing email attachments as E-Fax

This is a clear example of an E-fax Received & Ready For Preview phishing attachment. Once again a HTM file is used as opposed to a traditional PDF or image file once scanned and faxed.

Frequently Asked Questions

What is phishing How does it work?

The term phishing refers to an engineered attack used by scammers to steel information from an individual or organisation via text or email.  In most cases the scammers are trying to collate identifiable data such as birth dates, addresses, login credentials and credit card details.

Once the scammers have collated enough information via phishing attacks they are able fraudulently setup accounts on behalf of the vulnerable individuals. Scammers will go to great lengths to steal your money so its important to clearly understand how phishing works to remain protected. It’s critical to under how to identify phishing emails as this will reduce the likelihood of being scammed.

Spear phishing

The most dangerous of all are a higher class of criminals who use a form called spear phishing. These actors use messages to target specific people who they already have information on. 
Spear phishing messages will  include techniques referred to as ‘social engineering’ to ensure success. Using social engineering they can manipulate people into believing the message is true and forces them to act upon the ‘bait’.

What to do with suspicious emails?

The easiest thing to do with suspicious emails is to delete them. If you have a security suite you can train it to filter out phishing emails. This utility should be built into it’s anti-spam tool and will be an add-in for your Outlook application or mail client.

Where to report a phishing email?

If you live in Australia you can report to the Australian Cyber Security Centre via this link.

What to do if you’ve been scammed online?

If you didn’t get to read our article on how to identify phishing emails and you’ve been scammed online the first thing you should do is speak to your bank. They may be able to assist you in recovering stolen funds. They will also put a hold on or suspend your credit and bank accounts. 

Your bank will likely ask you to get a security checkup after being scammed or hacked. You can ask our virus and malware removal experts to assist you in ensuring your devices are not compromised.

How to recover from being scammed?

During the recovery process after being scammed, you should ensure that your devices are no longer infected with malware, viruses or an embedded keylogger. With smartphones you can download applications to detect and remove these threats.

On a Windows or Mac computer, you might need to find a remote IT support technician to delve deeper into the core of your operating system to ensure there are no hidden dangers.

How to prevent phishing attacks?

The best way to prevent phishing attacks is through education and awareness of the types of scams online and offline. Now that you know how to identify phishing emails attacks with real examples it would be best if you also learnt about SMS/Text scams.

Are you a victim of a phishing attack?

Ask our IT security experts to help you recover after being scammed. 

Expert News

Gmail deliver failed email IT support Melbourne

New Gmail Rules Start Blocking Emails – Small Businesses Beware!

Having trouble with Gmail delivery failures for your small business in Melbourne? Our email IT support experts can help! The latest Anti-spam measures are a positive move by Google, but dozens of small businesses are getting caught up with email bounce backs. If your business has been caught up in the email delivery saga, call our IT consultants today for a solution. In less than a few hours we can ensure your domains’ compliance with SPF, DKIM and DMARC policy. Giving you greater e-mail security, deliverability and reducing your chance of getting blocked on Gmail.

Email Trojan Alert Request for Offer exe

Cyber security alert: Trojan ‘Request for Offer.exe’ detected

Late last week, our IT support team detected a Trojan ‘request for offer.exe’ circulating on Microsoft 365 emails. This threat was also picked up by our cybersecurity group and quarantined by AVG Internet Security. The Trojan appeared in the form of an email with an executable attachment. We urge all businesses to send out an awareness communication to their staff regarding this security vulnerability.

Securing your emails - cybersecurity tip

Securing Your Email – Cybersecurity Tip

When it comes to securing your emails, it’s important to think cybersecurity & two-factor authentication. Using complexity on our passwords, thinking about how we access our emails and how we store our email data. As a business, it’s essential to have SPF and DKIM configured for your domain’s mail records. As a home user, we can backup our emails by using IMAP connections to our host.

Book an IT service Today