Receiving Email: Phishing

Understandable – so here are a few more…


Faced with having your account expire unless immediate action is taken, the email account upgrade scam can appear to come from trusted email providers like Microsoft and Google, or simply from your company’s IT department.

Image of phishing scam using an "email upgrade" email

As you can see, nothing harmful stands out from this email. There are no stand-out grammatical errors, no elaborate requests, and the link itself would appear to direct to a safe “https” web page to an unsuspecting user. A useful tip is to hover over the link itself when being asked to give personal details – as the text itself often doesn’t represent the true destination of the link.


One of the most recent high-profile phishing techniques, the Google Docs scam offers an extra sinister twist as the sender can often appear to be someone you know.

Image of phishing scam using an "google docs" email

This ultra-sophisticated email encourages you to click on its link in order to view a ‘document’, which then takes you to an almost identical version of Gmail’s login page. Once an account has been selected, you’re then invited to grant access to your Google account, meaning the attacker has free rein.


With around 200 million users, PayPal is an incredibly lucrative tool for a cyber-criminal. As well as its high volume of accounts, PayPal offers fraudsters the chance to take advantage of a platform linked directly to their credit card or bank account.

Image of phishing scam using an "paypal" email

These emails often include the PayPal logo, plus a convincing chunk of fine print at the bottom of the email. Again, this scam tries to enforce panic mode into its victims, often with a “There’s a problem with your account, please click here to fix it” kind of message. Beware, they also contain legitimate-looking fine print.


The same old story of encouraging users to click a link, yet a whole new platform to utilise. Dropbox, the online sharing and storage platform, has grown massively in popularity over recent years – and so too have its fraudulent copycats.

Image of phishing scam using an "dropbox" email

The Dropbox phishing email usually works by informing a user that the ‘file’ which has been emailed to them is too large, and needs to be opened with a quick “click on this link”. You’ve probably guessed by now that a fake Dropbox landing page is waiting… and you’d be right. What you might not have guessed is that this page can actually be located within Dropbox itself – waiting patiently to harvest your details.