An impersonal greeting like \u201cDear %username%\u201d used to be a sure sign of a phishing email, but scammers have moved on from that. Targeted messages addressing the victim by name are becoming increasingly common. Ignore those too.<\/p>\n
What to do if you get a phishing email<\/h2>\n
If you\u2019ve managed to spot one using the signs described above, well done\u00a0\u2014 you\u2019re awesome! You can go ahead and delete it without even opening. And if you want to do your good deed for the day, report the phishing attempt via Outlook<\/a> or Gmail<\/a> to make this world a tiny bit safer. We understand that spotting phishing in your email right away isn\u2019t easy \u2014 so here\u2019s a short list of don\u2019ts to help with detection.<\/p>\n Scammers can hide malware inside various types of email attachments: images, HTML files, and even voice messages. Here\u2019s a recent example: you get an email with an attachment that appears to be a voice message with the SVG extension, but that\u2019s typically an image format\u2026 To listen to the recording, you have to open the attachment, and what do you know\u00a0\u2014 you find yourself on a phishing site that masquerades as Google Voice<\/a>! And no, you don\u2019t hear any audio. Instead, you\u2019re redirected to another website where you\u2019ll be prompted to enter the login and password for your email account. If you\u2019re interested in learning more, here\u2019s a Securelist blog post<\/a> on this.<\/p>\n It seems that voice messages are sent more often through messengers than by email<\/p><\/div>\n This and other stories just go to show you shouldn\u2019t open attachments. Any attachments. At all. Especially if you weren\u2019t expecting the message in the first place.<\/p>\n This is a golden rule that will help keep your money and accounts safe. A healthy dose of caution is exactly what everyone needs when using the internet. Let\u2019s take a look at this phishing message.<\/p>\n An \u201cexciting win-win\u201d, but only the scammers benefit<\/p><\/div>\n Does this look odd? It\u2019s written in two languages: Russian and Dutch. It shows the return address of a language school in the Netherlands, yet it references the Russian online marketplace Ozon. The message body congratulates the recipient: \u201cYou are one of our few lucky clients who get a chance to compete for uncredible prizes.\u201d<\/em> \u201cCompeting for prizes\u201d is easy: just click the link, which has been thoughtfully included twice.<\/p>\n A week later, another message landed in the same inbox. Again, it came in two languages: Italian and Russian. This one came from a real Italian email address associated with the archive of Giovanni Korompay<\/a>\u2018s works. The artist passed away in 1988. No, this wasn\u2019t an offer to commemorate the painter. Most likely, hackers have breached the archive\u2019s email account and are now sending phishing mail about soccer betting pretending to be from that source. All of that looks a rather fishy.<\/p>\n Another email in two languages<\/p><\/div>\n These messages have a lot in common. One thing we didn\u2019t mention is how phishing links are disguised. Scammers deliberately use the TinyURL<\/a> link shortener to make links look as legitimate as possible. But the truth is, a link that starts with tinyurl.com<\/strong> could point to anything: from the Kaspersky Daily blog<\/a>\u00a0to something malicious.<\/p>\n Scammers come up with all sorts of tricks: pretending to be Nigerian princes<\/a>, sending fake Telegram Premium subscriptions<\/a>, or congratulating people on winning fake giveaways. Every week, I get email with text like this: \u201cCongratulations! You can claim your personal prize.\u201d<\/em> Sometimes they even add the amount of the supposed winnings to make sure I open the message. And once, I did.<\/p>\n The scammers were too lazy to shorten this link<\/p><\/div>\n Inside, it\u2019s all by the book: a flashy headline, congratulations, and calls to click the link. To make it seem even more convincing, the email is supposedly signed by a representative from the \u201cPrize Board of the Fund\u201d. What fund? What prize board? And how could I possibly have won something I never even entered into? That part is unclear.<\/p>\n You may have noticed the unusual design of this message: it clearly stands out from the previous examples. To add credibility, the scammers used Google Forms, Google\u2019s official service for surveys and polls. The scheme is a simple one: they create a survey, set it up to send response copies to the email addresses of their future victims, and collect their answers. Read Beware of Google Forms bearing crypto gifts<\/strong><\/a> to find out what happens if you open a link like that.<\/p>\n Following these rules will protect you from many \u2014 but not all \u2014 of the tricks that attackers might come up with. That\u2019s why we recommend trusting a reliable solution: Kaspersky Premium<\/a>. Every year, our products undergo testing by the independent Austrian organization AV-Comparatives<\/a> to evaluate their ability to detect phishing threats. We described the testing procedure in a post<\/a> a year ago. In June 2025, Kaspersky Premium for Windows<\/a>\u00a0successfully met the certification criteria again and received the Approved<\/strong> certificate, a mark of quality in protecting users from phishing.<\/p>\n Important clarification: at Kaspersky, we use a unified stack of security technologies, which is what the experts tested. This means the Kaspersky Premium for Windows<\/a> award also applies to our other products for home users (Kaspersky Standard<\/a>, <\/strong>Kaspersky Plus<\/a>, and Kaspersky Premium<\/a>) and for businesses (such as Kaspersky Endpoint Security for Business<\/a>\u00a0and Kaspersky Small Office Security<\/a>).<\/p>\n More about phishing:<\/p>\n Don’t panic. Again, don’t panic. Did we say don’t panic? A common threat explained in simple terms.<\/p>\n","protected":false},"author":2754,"featured_media":24459,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1225,9],"tags":[19,76,321,521],"class_list":{"0":"post-24453","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-privacy","8":"category-tips","9":"tag-email","10":"tag-phishing","11":"tag-technology","12":"tag-threats"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/how-to-deal-with-email-phishing\/24453\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/how-to-deal-with-email-phishing\/29339\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/how-to-deal-with-email-phishing\/12651\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/how-to-deal-with-email-phishing\/29291\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/how-to-deal-with-email-phishing\/28383\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/how-to-deal-with-email-phishing\/31248\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/how-to-deal-with-email-phishing\/29910\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/how-to-deal-with-email-phishing\/40196\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/how-to-deal-with-email-phishing\/13643\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/how-to-deal-with-email-phishing\/53990\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/how-to-deal-with-email-phishing\/23050\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/how-to-deal-with-email-phishing\/29501\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/how-to-deal-with-email-phishing\/35206\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/how-to-deal-with-email-phishing\/34855\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/phishing\/","name":"phishing"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/24453","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2754"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=24453"}],"version-history":[{"count":2,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/24453\/revisions"}],"predecessor-version":[{"id":24460,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/24453\/revisions\/24460"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/24459"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=24453"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=24453"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=24453"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Don\u2019t open attachments<\/h3>\n
![\"It](\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2025\/07\/29173828\/how-to-deal-with-email-phishing-01.jpg\")
<\/a>Don\u2019t open links<\/h3>\n
![An \"exciting win-win\", but only the scammers benefit](\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2025\/07\/29173848\/how-to-deal-with-email-phishing-02-1024x478.jpg\")
<\/a>![\"Another](\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2025\/07\/29173908\/how-to-deal-with-email-phishing-03-1024x405.jpg\")
<\/a>Don\u2019t believe what\u2019s written down<\/h3>\n
![\"The](\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2025\/07\/29173929\/how-to-deal-with-email-phishing-04-1024x501.jpg\")
<\/a>The bottom line<\/h2>\n
\n