Most Common Spam Emails You Can Encounter in 2025

Why am I getting spam emails?

Let’s take a look at some common methods that spammers use to obtain email addresses — and how to protect yourself from junk mail.

Data breaches

Many web services and mobile apps require an email address for signing up. When you create an account, your email goes into a list. Companies know how to send mass emails — they use this list for notifications and marketing materials. Then, data breaches happen, and the entire contact lists with other personal data end up on sale. Finally, spammers use these lists to send malicious emails.

Even large corporations suffer from security breaches — in fact, this happens almost every other week. In 2024, there were 3,158 data compromises, according to the Identity Theft Resource Center. That resulted in the issue of more than a billion data breach notices. 

No one can prevent such breaches, and the only way to protect yourself from them is to either avoid any online services in general or use a temporary email service — and that’s not always possible. However, if you suddenly started receiving spam emails, checking if your data was compromised is the right move. There are a number of apps to help you, with Have I Been Pwned? being one of the most popular options. Enter your email address, and the service will check its database for any matches. If your address was found in a breach, you’ll receive a message with a list of incidents.

Accidental self-exposure

Data breaches are not the only source for spam mail. Spammers use publicly available information that users expose on social media and forums. For example, you wrote something like “Contact me at [email protected]” or made your address available for other users on a job search website — online activities like these make you a target for email harvesting.

Even if you absolutely need to publish your email address online, you can still prevent self-exposure and loads of spam in your inbox. Here are some ways to do this:

• Change your privacy settings on social media
• Give your email address in private messages instead of comments
• Create a fake email address like [email protected] — that way, your personal data will remain unaffected, and your personal inbox will be free from unwanted messages

Links in spam emails

Sometimes, spam emails have an unsubscribe link — like this one:

Clicking on this usually barely noticeable link won’t lead you to less spam — if anything, you’ll get more spam in return. Spammers use fake unsubscribe links to verify that your email account is active. It’s often done as a part of dictionary attacks — spammers basically guess which addresses exist and send emails for a ping. By clicking an unsubscribe link in a spam email, you’re basically saying, “Hey, this address is real, and I’m using it actively, please send me more emails!”. This information will go further, and you’ll get spam-bombed. Such links may also lead to compromised websites used for phishing or installing dangerous software on your device. 

Long story short, clicking on unsubscribe links in spam emails or responding to them is dangerous. That’s why if you come across a suspicious email, just delete it from your inbox. You can also flag such emails as spam if the filter didn’t catch them — this will protect you from receiving more emails from the same address.

Most popular phishing and spam examples of 2025

In December 2023, spam emails accounted for 46% of total email traffic — and most of it was malicious, like phishing, malware, or ransomware. Junk mail is not only annoying — interacting with these emails results in financial losses and identity theft. 

We’ve picked the most popular email fraud schemes you can find in your inbox. Some of them are old, others are relatively recent. 

Personal email scams

You read that right: at the beginning of the year, the US news cycle was shaken by a grim warning — AI and email personalization are now weapons in email scams, and no one is safe. Here is how it works, according to the Financial Times: scammers use AI bots to gather information about web users through social media activity (for example, corporate executives) and analyze the topic those users are most likely to respond to. Then, scam emails are sent — and they seem like a real email from a family member or a friend. The problem is that popular email services, such as Google or Outlook, are yet to put protection in place.

The FBI issued a warning about AI scams in December 2024. So here’s advice you can follow:  

• Put in place a secret code word with family and friends to verify each other’s identity if needed.
• Limit your online content and set your accounts to private. You can also check your followers’ lists to make sure they are only people you know personally. 
• Always double-check by contacting the person, business, or organization in question. Receive an email from a friend? Send them a message on WhatsApp to let them know. 
• Never share any sensitive information with people you don’t know.

PayPal scam

In January 2025, Fortinet’s CISO Carl Winsor reported about a new PayPal phishing scam that was shockingly believable. The email with the payment request comes from a legitimate PayPal email account and links to a legitimate PayPal website. The catch is in the recipient’s address: it won’t be yours. But as soon as you log in to decline the payment, hackers get ahold of your actual account. Why? Because PayPal links their account with yours.

The lesson here is to check everything, including the recipient field, and — if you are panicking over it, as any regular person would — just visit the website separately. 

Google Calendar email invites

Millions of people receive Google Calendar invites daily, and scammers have found a way to exploit this. According to cybersecurity provider Check Point, over 4,000 fraudulent invites were sent in just one month in 2024, affecting 300 brands.

Here’s how it works: You receive an invitation that looks legitimate, seemingly from someone you know. Attached to the email is a calendar file (.ics) with a link to Google Forms or Google Drawings. Clicking on it leads to another link, taking you to a fake reCAPTCHA or support button.  Those are fake, of course. In the end, you’re prompted to complete a bogus authentication process — ultimately handing over personal information and even your banking details. 

Verify your Apple iCloud ID

These fake emails from Apple ask you to verify your account because it was put on hold for various reasons. But it’s a phishing attempt. If you click the link, you will be redirected to a fake Apple website that will steal your account information. 

In this case, the generic greeting is what gives the scam away. Legit emails from businesses always start with your name or the moniker you used for the account. 

Beneficiary and inheritance scams

This phishing scheme has been quite popular for a long time. I remember getting dozens of those in my spam folder pretty well, both in English and in my native language (poorly translated via Google, obviously). The general gist is the following: someone claims that you either inherited a lot of money or you’re entitled to the money from an unknown beneficiary fund. Then, they’ll ask you for personal data — but not to send you the money. Yet another “too good to be true” scheme, classic.

Declined payment

It’s another type of phishing scam. These spam emails claim that your payment was declined and you need to update the billing information — otherwise, your account will be disabled. But once you click the link in the email, you’ll be redirected to a phishing website. 

Here’s a textbook example of this type of spam emails — looks pretty legit, by the way, we’re impressed! The only giveaway is slightly odd phrasing and maybe one lowercase letter after a full stop.

Your account has been locked

In this phishing scheme, spammers convince you that your account was suspended or limited for security-related reasons. To reactivate your account, you need to log in again using the link from the email. Then, like in other similar scams, spammers will steal your money or identity. 

Scammers who use this scheme can impersonate various services — here’s an example of a fake Amazon email:

You can tell it’s not a legitimate email because of the email address — a legit email from Amazon would be sent from the @amazon.com domain. The email design is also a giveaway: Amazon emails are not entirely plain-text and contain the company logo and buttons instead of hyperlinks.

Gift card scams

This is a less popular phishing scam, but it’s still good to know about — even tech-savvy users can fall for it. The scammers adopting this scheme send you emails pretending to be your boss or the CEO of your company, asking you to buy one or several gift cards for different purposes. Then, they’ll ask you for codes, PINs, and other data that will let them use the cards. The scammers may promise that they’ll pay you back — but they obviously won’t.

Here’s a relatively fresh example I found on Reddit:

McAfee alleged order scams

One of the recent phishing schemes that gained popularity in 2023 is emails impersonating McAfee — yes, the antivirus. These usually imitate transactional emails that notify you about buying or renewing a subscription, except you’ve never ordered anything. In these emails, there will be a helpline number or a hyperlink to cancel the alleged transaction… And this is how scammers lure you into giving away your credit card information.

Tax refund scams

This phishing scheme involves sending fake government emails that promise you a tax return. The link in the email redirects you to a website that seems to be legitimate but steals your personal and financial information.

Fake tax refund emails can look like this:

If you received a tax refund email like this, take a look at the email address first. For example, this email pretends to be from the IRS, which is a legit organization in the United States. However, the real IRS domain is @irs.gov — and what is this “irs-support” domain? You guessed it: a scam.

Fake HR scams

Fake emails from the HR department are a part of a relatively new phishing scheme that became a trend in 2023. The scheme involves sending email notifications from HR departments — to sound more convincing, scammers may use LinkedIn to find out where you’re currently working. In these emails, the fake HR will often ask you to update or verify the employee data and give you a link where you can do so. However, this is a phishing link. Even worse, since you’ll probably use the work email and password for “verification”, such emails also threaten the organization, not just individuals. 

Here’s a great example I found on PCRisk, a cybersecurity resource updating users on recent threats, including current email scams.

Sextortion scams

This email scam is one of the oldest, and it’s still relevant in 2024. It usually involves a scammer describing certain incriminating activities they saw and recorded you doing and asking you for money (usually bitcoin) in exchange for keeping the videos in secret. To sound more legit and frightening, scammers may include your personal information like your real social media accounts and so on.

This year, a new “leitmotif” in sextortion emails appeared — scammers started mentioning Pegasus, the military software for iOS and Android mostly used for spying on independent journalists and opposition activists. The baseline plot is still the same though, just with an extra detail that the scammer obtained the incriminating media via Pegasus. Here’s an example:

Although Pegasus is not an urban legend and such emails can be downright terrifying, here’s a thing to remember — you’re not that big of a target to get your phone infected by military spyware. And if you are, let’s say, an activist, and you actually got infected, the people who did it would be more interested in your message history than watching you touch yourself. They wouldn’t notify you about the infection as well.

Package scams

This phishing scheme has emerged during the COVID-19 pandemic and remains relevant to this day. Spammers send fake emails from delivery services like FedEx or UPS — like the one below:

Of course, you shouldn’t click the link to “update” your address — you’ll become the victim of phishing. 

Here’s another variation of the scam — instead of a “failed delivery” notification, you may receive an almost legit email that looks like this:

We didn’t cover all the possible email fraud schemes —  we listed the most common spam and phishing emails. But what if you received an email that doesn’t fall under any of these categories? 

How to identify a junk message quickly

Modern email apps have spam filters. For example, Gmail uses a neural net system that learns to separate junk mail from regular emails. But even AI is not infallible. Sometimes Gmail mistakes social media notifications or just emails with links and attachments for spam — and vice versa. That’s why we give you these key features of junk mail to look for.

Suspicious email addresses

Pay attention to any unfamiliar addresses in your inbox. But just because you don’t know it doesn’t mean it’s a spam email. Here’s the list of red flags in email addresses:

• Random numbers and letters like [email protected].
• Public email domain, especially if it’s a message from an organization — gmail.com, yahoo.com, etc. Keep in mind that businesses use their own domains.
• Typos or extra symbols in a company domain, like @amazonhelp.art instead of @amazon.com.
• “Donotreply” or other variations instead of the standard “no-reply” address for automated notifications.

But some spammers learned how to plausibly imitate corporate emails — or, even worse, use legit addresses of different organizations to send spam.

Legit email addresses of weird companies

That’s a relatively new trick spammers use. I started noticing the first instances of such spam in early 2023, and by May 2024, most of my spam folder content looks like this:

Here’s how it works: spammers sign up for newsletters or leave requests at legit business helpdesks, and put a phishing link and a message (usually about winning a lottery) instead of a username or a message. Spammers will also use your email address as the contact info. So, it will look like you received a regular transactional email or a newsletter issue from a real organization — except you’ve never subscribed to this service or requested help at this helpdesk.

The method was so effective that these emails didn’t even end up in spam — they showed up in the primary inbox. Now, the filters have adapted to the method, and such emails do end up in spam. However, if they don’t, pay attention to transactional or marketing messages from brands you’ve never interacted with: chances are, these are spam.

Foreign and mixed languages

This feature is related to the previous one. Quite often, those spammers sending emails via other companies’ newsletters and support systems use random companies that don’t even reside in your country. For example, they may use Japanese businesses while targeting English-speaking victims.

Spam filters in Gmail are actually trained to discover messages in mixed languages or languages you yourself don’t usually communicate in. However, if one of these slipped into your primary inbox, think of this: if the company was actually talking to you, would it use language you can’t understand without Google Translate?

But okay, let’s say, none of the above describe your email in question — what about the content itself? One reason to get suspicious is a request for personal information.

Personal data requests

Many businesses deal with personal data such as credit card information. For example, this is an email from Benchmark about cybersecurity concerns:

An important detail here is that Benchmark doesn’t ask the client to reply with personal data. Instead, the sender asks them to fill in the necessary information on the company’s website — unlike spammers:

This example is an obvious scam, and “Douglas” asks for relatively harmless data. But some spammers will ask you for credit card information or passwords. Keep in mind that, for example, bank employees will never ask you for the CVV code. That’s why any personal data request, even as innocent as the one above, is a major red flag.

Sense of urgency

Creating a sense of urgency and appealing to FOMO is a common manipulation tactic in advertising. For example, take a look at this last chance email from Barnes & Noble:

In this email, Barnes & Noble offers a personalized book selection and a 15% discount that is active for a short time period. They use urgency since the offer is limited — but not like this:

This spam email uses an indefinite time period instead of the precise expiration date to create the sense of urgency, all caps, multiple exclamation marks, and too many words like “limited” and “offer”. Such messages usually have clickbait email headers with the same words written in all caps and with excessive punctuation. Legit companies don’t introduce clients to limited offers using such blunt techniques. 

But there’s one more sketchy detail — poor grammar at the end of the email. It brings us to the next junk mail feature — bad writing. 

Poor or nonsensical writing

When it comes to poor writing in spam emails, most people recall the infamous Nigerian scam. It started before the internet — people received letters from Nigerian royals or businessmen that asked for help with transferring money. Later, it switched to digital and became more inventive with plots — for example, Nigerian princes turned into Russian entrepreneurs.

Take a look at this classic Nigerian scam email:

Nigerian scam emails were poorly written to look more convincing — their senders didn’t speak English as their first language. But other email scammers also write with typos, extra blank spaces, and odd phrasing — for different reasons:

• Machine translation. Weird syntax and word choices might be the result of a bad machine translation. If scammers appeal to a larger audience, they won’t spend time writing messages in different languages from scratch.

• Filtering the audience. Cormac Herley, a researcher from Microsoft, suggested that bad grammar and comical stories in Nigerian scam emails are designed to filter their readers. Smarter people won’t sit through an email full of typos — but the most gullible audience will. 

• Tricking spam filters. It doesn’t work with modern spam filters — but historically,  spammers deliberately misspelled words so they could slip into your inbox. Now, poor writing triggers AI-based filters instead of fooling them.

There is a different way of tricking spam filters, though, which involves sending you an email that is basically a pile of word and number vomit. This trick is called Bayesian poisoning — spammers “confuse” probability-based filters so they start labeling innocent words as spam and letting their emails right into the primary inbox.

Need I say, you shouldn’t open the attachment?

Impersonal delivery

According to Campaign Monitor, personalized emails increase sales by 20%. And personalization is not only about data-driven customization of offers — it’s also about the language. Businesses include clients’ names even in formal notification emails — like this one from Amazon:

Spammers can imitate such notification emails in a pretty convincing way — except for one small detail. Compare our previous example to this fake Amazon email:

Even if fake emails imitate notifications from large companies, they have generic greetings like “Dear Customer/Client” or “Dear Sir/Madam”. But this, like the features we mentioned earlier, doesn’t have a lot to do with the email content itself. What about it?

Too good to be true

Some spam emails will promise you a reward for clicking a link, downloading an attachment, or sending personal information. It can be a ridiculous amount of money or any other bonus from a company or even a celebrity. But the thing is, if it’s too good to be true, it’s likely a lie. For example, this email is definitely not from Mark Zuckerberg. 

These are the most prominent features of junk mail. If you come across any of these in the new email, do the following:

• Don’t click on any links, download attachments, or respond.
• Mark this email as “Spam” so you won’t receive more junk mail from the same sender — or delete it from your inbox.

Wrapping up

Spam emails might seem funny and clumsy but they are dangerous — phishing leads to loss of money and possible identity theft. Scammers get more inventive with their schemes — that’s why it’s important to know the key features of junk mail and never interact with such emails for the sake of your safety.

Some of the common spam emails are:

• Google Invite scams
• PayPal scams
• Fake Apple ID account verification
• Beneficiary and inheritance scams
• Declined payment emails
• Account suspension notifications
• Gift card scams
• McAfee fake subscription purchase or renewal scams
• Fake tax refund emails
• Messages from fake HRs asking you to verify employee data
• Sextortion scams involving cryptocurrency and mentioning spyware on your devices
• Fake package delivery notifications