In part two of a three-part series about Phishing, let’s look at some real-life examples that we’ve seen either in our campus email or in people’s personal email.
Phishing is constantly evolving, especially with the use of AI to make these phishes seem legitimate, but the core tactics remain the same – because they work!
Some high-level examples are:
- The Access Scam – Fake emails warning that an account has been “locked due to suspicious activity.” Victims click to “restore access,” only to land on credential-harvesting sites.
- Business Email Compromise (BEC) – Attackers impersonate executives and trick finance teams into wiring money. These scams have cost organizations more than $55+ billion globally since 2013, according to the FBI.
- Smishing (SMS Phishing) – Texts claiming to be from banks, shipping companies, or delivery services. These often push users to click a malicious link, either to steal their login information or download malware.
- Deepfake-Enabled Phishing – Emerging attacks now utilize AI-generated voices or videos to impersonate trusted individuals, making the scam even more difficult to detect.
While some of these scams utilize new technology, scammers are still relying on the same human triggers: urgency, curiosity, authority, or a desire for a reward.
Next week, in the third part of this series, we’ll discuss how to outsmart these phishing attempts.