Phishing is the most widespread cyber threat. In 2024, it accounted for 39% of all reports on Cybermalveillance.gouv.fr (source: activity report, March 2025). This guide shows you, with concrete examples, how to recognise fake emails before falling into the trap.
When you receive an email that looks exactly like a message from your bank, the NHS or HMRC, it is natural to want to click. Scammers invest heavily in making their messages convincing. The good news: there are reliable clues to spot them, and once you know them, fake emails become easy to identify.
How phishing works
- The scammer sends an email imitating a trusted organisation — complete with logo, colours and style
- The message creates urgency or opportunity — “Your account will be blocked”, “A refund awaits”
- You click the link — it leads to a fake site reproducing the official one
- You enter your information — credentials, passwords, bank details are all captured
Example 1: Fake bank email
Subject: “Security alert: unusual activity on your account”
The email displays your bank’s logo and mentions suspicious activity. It asks you to “verify your identity” via a “secure” link.
Clues that reveal the scam:
- The sender’s email address does not end with the bank’s official domain
- Artificial urgency: “You have 24 hours to secure your account”
- The link does not lead to the official website (hover without clicking to check)
- It asks for sensitive information your bank would never request by email
What your bank actually does: it never emails you asking for your password, never demands urgent action within 24 hours, and communicates security alerts through its official app.
Example 2: Fake health service email
Subject: “Health Service: refund of 287.40 pending”
The email displays the health service logo and mentions a pending refund. It asks you to “update your bank details” via a link.
Clues: wrong sender domain, requests bank details by email (health services already have your details), precise amount to seem credible.
Example 3: Fake tax email
Subject: “HMRC: your tax refund is available”
The email has an official-looking design and claims a refund will be paid within 5 working days if you confirm your bank details.
Clues: tax authorities use their official domain only, refunds are paid automatically without confirmation needed, the link goes to a non-official URL.
Example 4: Fake delivery email
Subject: “Your parcel is waiting — action required”
The email shows a delivery company logo, says a parcel could not be delivered, and asks you to pay a small redelivery fee (1-3 pounds/euros).
Clues: delivery companies do not ask for payment by email, the tracking number is unverifiable on the real site, the small amount is deliberate — they want your full card details.
Example 5: Fake Netflix, Amazon or PayPal email
Subject: “Your Netflix subscription will be suspended”
The email claims that your payment method has expired and that you must update your details.
Clues: wrong sender domain, generic greeting (“Dear customer” instead of your name), link points to an imitation URL.
The 5-point method for analysing suspicious emails
Point 1: The sender’s address
Do not look at the displayed name; check the technical email address.
Point 2: The link in the email
Do not click. Hover over the link to see the destination address (bottom of screen or tooltip). On a phone, long-press the link without releasing.
Point 3: The tone
Phishing almost always uses urgency, fear, or the lure of money.
Point 4: Unusual requests
No official organisation will ever email asking for your password, card number, PIN or to download software.
Point 5: Text quality
While AI-generated phishing is increasingly flawless, some still show formatting anomalies, blurry images, or missing contact details in the footer.
What to do with a suspicious email
If you have not clicked
- Do not click anything
- Report as phishing/spam in your email client
- Delete or move to spam
- Warn relatives who might receive the same email
If you clicked but entered nothing
Low risk. Close the page, clear your browser cache and run an antivirus scan.
If you entered credentials or bank details
- Change password immediately on the real site
- Call your bank if bank details were entered
- File a police report
- Report to your national cybercrime platform
Configuring your email for better filtering
- Enable anti-spam filters (most email services have them)
- Mark phishing emails as spam (helps the filter learn)
- Gmail: three dots > “Report phishing”
- Outlook: “Junk” > “Phishing”
Why phishing evolves and remains dangerous
According to security agencies, phishing campaigns are increasingly sophisticated thanks to generative AI (source: ANSSI, February 2025). AI-generated emails are free of spelling mistakes, personalised with your name, and sent from addresses closely imitating official domains.
That is why checking the sender’s address and link remains the most reliable reflex, much more than the visual quality of the message.
Editorial note
Sources consulted: Cybermalveillance.gouv.fr 2024 report, ANSSI threat panorama February 2025, DGCCRF 2024, signal-spam.fr.
Limitations: Examples are based on real reports but exact wording changes constantly. We could not reproduce screenshots of fake emails; descriptions are based on public reports.
Verification date: 26 March 2026
Conflicts of interest: none
Frequently asked questions
-
Phishing is a scam technique via email or text. The scammer impersonates a trusted organisation (bank, NHS, HMRC) and sends a message imitating the official style to get you to click a link and enter your personal or bank details.
-
Look at the sender's email address (not the displayed name, but the technical address). An official email from your bank comes from the bank's real domain. When in doubt, call your bank using the number on the back of your card.
-
Change your password immediately on the real website. If you entered bank details, call your bank to cancel your card. Report the email to your national fraud service and to your email provider as phishing.
-
Partially. Modern antivirus programs include anti-phishing filters that block some fraudulent sites. But scammers create new fake sites constantly, so your antivirus cannot know them all. Your vigilance remains the best protection.
-
Scammers now use AI tools to write emails without spelling mistakes and faithfully reproduce the style of official organisations. That is why checking the sender's address rather than the visual quality of the message is essential.