Stories & Examples

With the interactive scenarios based on real details below, you can put yourself in the shoes of someone struggling with a phishing attack. Think through how each person could have handled the situation differently. Consider if you might be vulnerable to a similar scam.

With the provided questions and answers for each scenario, you'll learn what to watch out for and how to protect yourself.

Practice your response with these scenarios

Avatar of a fictitious character named "Gilly"

Can you relate?

Avatar of a fictitious character named "Gordon"

What would you do?

Avatar of a fictitious character named "Garmin"

Could this happen to you?


Garmin is an IU graduate student in his final year. He receives a message that seems to be from the head of his department, recommending he attend an upcoming event.

He clicks the “Register” link, which results in a “page not found” notice on an unknown website.Garmin doesn’t realize that by clicking the link, a keylogging malware application was installed on his computer. Later, from that same computer, he makes some online purchases.

pencil writing iconBefore expanding the below sections, write down your responses for yourself. Then compare your answers.

Now that you have practiced your responses, let's add to your skillset.  

The hook: Follow urgent banking transaction instructions

phishing example of impersonating a manager giving bank wiring instructions

This is an example of a spear phishing email, designed to impersonate a person of authority requiring that a banking or wiring transaction be completed. The request is designed to be urgent to prompt action without thinking. 

Image source: blog article "15 Examples of Phishing Emails from 2016-2017"

The hook: Complete invoice payment or face penalties

phishing example of impersonating a company with an unpaid invoice and requiring payment

This email impersonates a financial institution requiring that an invoice be paid. 

Image source: blog article "15 Examples of Phishing Emails from 2016-2017"

The hook: Enter details to process refund

phishing example of Amazon email notice requiring action to receive refund

This phishing email impersonated Amazon, requiring immediate action in order to receive a refund. Notice several punctuation errors in the text. When hovering over the URL, you would also see a URL domain that was designed to look legitimate, but was not an actual Amazon domain. 

Image source:

The hook: Investigate unusual account activity

phishing example of email from Microsoft tech support

This email makes the recipient concerned about (fake) recent international activity on their account. The email contains a link to review the activity, but the link was not legitimate.

Image source:

The hook: Restart service with payment

phishing example of a Netflix email notification requiring restart action via a link

This email impersonates Netflix, a popular video streaming service, and requires that the recipient click the link to restart a membership. This was a very sophisticated phish, mimicking the service's brand and all the way through to a scam site that collected payment details. 

Image source: blog article "15 Examples of Phishing Emails from 2016-2017"

The hook: Send sensitive information to authority immediately

phishing example of request for recipient to send sensitive info via email

This email impersonates an authority at the company and requires that sensitive information is sent to a third party (a fake accounting firm). While you might not have access to W-2 forms, consider other data you have access to that could be requested by a spammer. Investigate all requests for data extremely carefully and use only approved ways to share sensitive institutional data.

Image source: blog article "15 Examples of Phishing Emails from 2016-2017"