Emails are, let’s face it, already bad enough. Are 72 exclamation marks okay for one message? Can I ignore an email for two months?
So scammers clogging up inboxes is the last thing people need right now.
A first glance, these emails will look like dozens of others that arrive in your inbox every day.
But scam emails often see cybercriminals pretend to be someone they’re not over email to persuade people to hand over their personal information, such as passwords or card numbers. This is called ‘phishing’.
Last year, the Suspicious Email Reporting Service (SERS) received almost 11,611,400 phishing reports, up from 8,074,200 reports in 2022.
With phishing not go away anytime soon, a cybersecurity firm has identified the most widespread email threats to watch out for in 2025.
File-sharing phishing
Abnormal, a cloud email security firm, says that one scam to be on the look out for is a ‘file-sharing phishing attack’.
Sounds complicated, but they’re actually pretty simple.
Scammers try to get you to let slip your private details by posing as file-hosting and e-signature services. Think Dropbox, ShareFile, and Docusign .
In one example, a defrauder sent faculty members at a high school an email sharing a document on Google Docs. And it’s one you can’t exactly blame the teachers for clickers – it’s named ‘staff and payroll update’.
‘The Google Doc, which features the latest Microsoft 365 branding to increase the appearance of legitimacy, informs the recipients that the document linked within the file should be used to verify an update in their compensation,’ Abnormal explains.
‘Clicking on “REVIEW DOCUMENT” redirects the targets to a login screen hosted on scripts.google.com, the domain for Google Apps Script, a cloud-based JavaScript platform that enables users to integrate with Google services and develop web applications.’
This brings the user to a spoof website where they’re asked to sign into their Microsoft 365 account – the bundle of software that includes Word, Excel or Office.
‘However, any information entered into the page will be stolen by the cybercriminal and used to launch additional attacks,’ Abnormal warns.
AI-generated ‘business and vendor’ emails
Cybersecurity experts have long been wary of artificial intelligence, feeling it can make scams harder to spot as the technology grows more sophisticated.
Greedy dupes have now added AI to their tricks of the trade. ‘By analysing vast volumes of data from social media, online activity, and past interactions, AI-powered platforms can generate hyper-personalized messages that convincingly mimic the writing style of the impersonated individual, the report says.
‘This makes the emails more difficult for traditional security measures to detect and more likely to deceive unsuspecting recipients.’
There are two forms of these robotic emails: Business email compromise and vendor email compromise attacks.
The first sees the scammer use AI to help pose as someone’s boss or colleague, using a spoof or look-alike email domain for extra believability.
Vendor email compromise, meanwhile, sees them pretend to be suppliers.
But Abnormal says that scammers are now hijacking people’s actual emails. Rummaging through their victim’s inboxes, they then hunt for email threads that they can exploit to get someone’s personal information.
As one example shared by Abnormal showed, an attacked jerry-rigged a business development director’s email who was discussing a $230,000 invoice with a seller. The scammer sent a follow-up email asking for updated banking information.
‘Ad because it was sent from the director’s real account, the recipients have no reason to believe the request is fraudulent, Abnormal adds.
Cryptocurrency fraud
The point of cryptocurrency is that it’s a secure, digital form of money that’s not on the books. These pros are also why scam artists love it.
One way that bad actors trick people is by emailing them about their crypto wallet.
In one case, a scammer pretended to be from Ledger, a company that offers crypto hardware storage solutions. They claimed the crypto networks are undergoing maintenance and to restore access to their account, they need to click a link to update their details.
‘Failure to update your networks can lead to loss of assets,’ the not-at-all-real email said. Hitting the link brings up a fake page to input their recovery phrase
Asking to know the maiden name of someone’s email, the street they lived on as a kid, or the name of their first dog is a pretty unstable way of scamming someone, Abnormal says.
‘But a recovery phrase of 12-24 words is a much less common authentication mechanism,’ the report says.
‘This is what the threat actor in this attack example is banking on.’
So, in the above case, the fraud victim is less likely to doubt they’re being fleeced.
Once they type in their phrase, it goes straight to the attacker – for good measure, the scammer has even done it so the fake page redirects to Ledger’s actual website.
How can I protect myself from being scammed?
Action Fraud is the UK’s fraud and cybercrime reporting service.
- If you have any doubts about a message, contact the organisation directly using the contact details on their official website. Do not use the number or web address in the message. Your bank, or any other official source, will not ask you to provide sensitive information by email.
- Received an email that doesn’t feel right? STOP! Report suspicious emails by forwarding them to: report@phishing.gov.uk. Send emails to this address that feel suspicious, even if you’re not certain they’re a scam – they will be checked.
- Always report suspicious text messages or scam call numbers, free of charge, to 7726. Your provider can find out where the text came from and block or ban the sender. To report a scam text, forward it to 7726 and then send the sender’s number when prompted. To report a scam call, simply text 7726 with the word ‘Call’ followed by the scam caller’s number.
- If you’ve lost money or provided financial information as a result of a phishing scam, notify your bank immediately and report it to Action Fraud at actionfraud.police.uk or by calling 0300 123 2040. In Scotland, call Police Scotland on 101.
Get in touch with our news team by emailing us at webnews@metro.co.uk.
For more stories like this, check our news page.
MORE: ‘Hawk Tuah girl’ faces backlash after crypto coin collapses hours after launch
MORE: Crypto-trader found guilty of murdering mother in £500,000 life insurance scam
MORE: As it surges past $100,000 – will Bitcoin keep going up?
