In this article, we’ll talk about junk mail and list the most common spam email examples. We’ll provide answers as to why you receive junk mail in the first place, how to recognize it, and what the most common spam emails are.
Most popular phishing and spam email examples of 2026
According to Statista, in December 2025, spam emails accounted for 51.8% of total email traffic — and most of it was malicious, like phishing, malware, or ransomware. Junk mail is not only annoying — interacting with these emails results in financial losses and identity theft.
We’ve picked the most popular email fraud schemes you can find in your inbox. Some of them are old, others are relatively recent.
| Scam type | What it claims | Main red flag |
| AI-personalized scam | Email appears to be from someone you know | Highly personalized but unusual request or urgency |
| PayPal payment request | You sent or received a payment | Incorrect recipient email address |
| Google calendar invite | Meeting or file shared with you | Suspicious .ics file or external link |
| Apple ID verification | Your Apple ID is locked | Generic greeting + fake login page |
| Inheritance scam | You inherited money | Request for personal or banking data |
| Declined payment | Your payment failed | Link to update billing info |
| Account suspension | Your account is locked | Urgent call to “verify immediately” |
| Gift card scam | Boss asks you to buy gift cards | Request for codes or PINs |
| McAfee order confirmation | Subscription renewed | Helpline number instead of account portal |
| Tax refund email | You’re owed money from the IRS | Non-@irs.gov sender domain |
| Fake HR email | Update employee information | Login link not matching company domain |
| Sextortion scam |
Claims to have compromising footage and demands cryptocurrency | Threat + demand for Bitcoin + often reused password |
| Package delivery scam | Delivery failed | Generic greeting + tracking link |
Personal email scams using AI
AI and email personalization are now weapons in email scams, and no one is safe. Here is how it works, according to the Financial Times: scammers use AI bots to gather information about web users through social media activity (for example, corporate executives) and analyze the topic those users are most likely to respond to. Then, scam emails are sent — and they seem like a real email from a family member or a friend. The problem is that popular email services, such as Google or Outlook, are yet to put protection in place.
The FBI issued a warning about AI scams in December 2024. So here’s advice you can follow:
- Put in place a secret code word with family and friends to verify each other’s identity if needed.
- Limit your online content and set your accounts to private. You can also check your followers’ lists to make sure they are only people you know personally.
- Always double-check by contacting the person, business, or organization in question. Receive an email from a friend? Send them a message on WhatsApp to let them know.
- Never share any sensitive information with people you don’t know.
PayPal scam
In January 2025, Fortinet’s CISO Carl Winsor reported about a new PayPal phishing scam that was shockingly believable. The email with the payment request comes from a legitimate PayPal email account and links to a legitimate PayPal website. The catch is in the recipient’s address: it won’t be yours. But as soon as you log in to decline the payment, hackers get ahold of your actual account. Why? Because PayPal links their account with yours.
The lesson here is to check everything, including the recipient field, and — if you are panicking over it, as any regular person would — just visit the website separately.
Google Calendar email invites
Millions of people receive Google Calendar invites daily, and scammers have found a way to exploit this. According to cybersecurity provider Check Point, over 4,000 fraudulent invites were sent in just one month in 2024, affecting 300 brands.
Here’s how it works: You receive an invitation that looks legitimate, seemingly from someone you know. Attached to the email is a calendar file (.ics) with a link to Google Forms or Google Drawings. Clicking on it leads to another link, taking you to a fake reCAPTCHA or support button. Those are fake, of course. In the end, you’re prompted to complete a bogus authentication process — ultimately handing over personal information and even your banking details.
Verify your Apple iCloud ID
These fake emails from Apple ask you to verify your account because it was put on hold for various reasons. But it’s a phishing attempt. If you click the link, you will be redirected to a fake Apple website that will steal your account information.
In this case, the generic greeting is what gives the scam away. Legit emails from businesses always start with your name or the moniker you used for the account.
Beneficiary and inheritance scams
This phishing scheme has been quite popular for a long time. This scam has circulated for decades. The general gist is the following: someone claims that you either inherited a lot of money or you’re entitled to the money from an unknown beneficiary fund. Then, they’ll ask you for personal data — but not to send you the money. Yet another “too good to be true” scheme, classic.
Declined payment
It’s another type of phishing scam. These spam emails claim that your payment was declined and you need to update the billing information — otherwise, your account will be disabled. But once you click the link in the email, you’ll be redirected to a phishing website.
Here’s a textbook example of this type of spam emails — looks pretty legit, by the way, we’re impressed! The only giveaway is slightly odd phrasing and maybe one lowercase letter after a full stop.
Your account has been locked
In this phishing scheme, spammers convince you that your account was suspended or limited for security-related reasons. To reactivate your account, you need to log in again using the link from the email. Then, like in other similar scams, spammers will steal your money or identity.
Scammers who use this scheme can impersonate various services — here’s an example of a fake Amazon email:
You can tell it’s not a legitimate email because of the email address — a legit email from Amazon would be sent from the @amazon.com domain. The email design is also a giveaway: Amazon emails are not entirely plain-text and contain the company logo and buttons instead of hyperlinks.
Gift card scams
This is a less popular phishing scam, but it’s still good to know about — even experienced users may be deceived. The scammers adopting this scheme send you emails pretending to be your boss or the CEO of your company, asking you to buy one or several gift cards for different purposes. Then, they’ll ask you for codes, PINs, and other data that will let them use the cards. The scammers may promise that they’ll pay you back — but they obviously won’t.
Here’s a relatively fresh example I found on Reddit:
McAfee alleged order scams
One of the recent phishing schemes that gained popularity in 2023 is emails impersonating McAfee — yes, the antivirus. These usually imitate transactional emails that notify you about buying or renewing a subscription, except you’ve never ordered anything. In these emails, there will be a helpline number or a hyperlink to cancel the alleged transaction… And this is how scammers lure you into giving away your credit card information.
Tax refund scams
This phishing scheme involves sending fake government emails that promise you a tax return. The link in the email redirects you to a website that seems to be legitimate but steals your personal and financial information.
Fake tax refund emails can look like this:
If you received a tax refund email like this, take a look at the email address first. For example, this email pretends to be from the IRS, which is a legit organization in the United States. However, the legitimate IRS domain is @irs.gov — any variation should be treated as suspicious.
Fake HR scams
Fake emails from the HR department are a part of a relatively new phishing scheme that became a trend in 2023. The scheme involves sending email notifications from HR departments — to sound more convincing, scammers may use LinkedIn to find out where you’re currently working. In these emails, the fake HR will often ask you to update or verify the employee data and give you a link where you can do so. However, this is a phishing link. Even worse, since you’ll probably use the work email and password for “verification”, such emails also threaten the organization, not just individuals.
Here’s a great example I found on PCRisk, a cybersecurity resource updating users on recent threats, including current email scams.
Sextortion scams
This email scam is one of the oldest, and it’s still relevant in 2024. It usually involves a scammer describing certain incriminating activities they saw and recorded you doing and asking you for money (usually bitcoin) in exchange for keeping the videos in secret. To sound more legit and frightening, scammers may include your personal information like your real social media accounts and so on.
This year, a new “leitmotif” in sextortion emails appeared — scammers started mentioning Pegasus, the military software for iOS and Android mostly used for spying on independent journalists and opposition activists. The baseline plot is still the same though, just with an extra detail that the scammer obtained the incriminating media via Pegasus. Here’s an example:
Although Pegasus is not an urban legend and such emails can be downright terrifying, here’s a thing to remember — Pegasus infections are typically reserved for high-profile targets. And if you are, let’s say, an activist, and you actually got infected, the people who did it would be more interested in your message history than in watching you touch yourself. They wouldn’t notify you about the infection as well.
Package scams
This phishing scheme has emerged during the COVID-19 pandemic and remains relevant to this day. Spammers send fake emails from delivery services like FedEx or UPS — like the one below:
Of course, you shouldn’t click the link to “update” your address — you’ll become the victim of phishing.
Here’s another variation of the scam — instead of a “failed delivery” notification, you may receive an almost legit email that looks like this:
Why am I getting spam emails?
Let’s take a look at some common methods that spammers use to obtain email addresses — and how to protect yourself from junk mail.
Data breaches
Many web services and mobile apps require an email address for signing up. When you create an account, your email goes into a list. Companies know how to send mass emails — they use this list for notifications and marketing materials. Then, data breaches happen, and the entire contact lists with other personal data end up on sale. Finally, spammers use these lists to send malicious emails.
Even large corporations suffer from security breaches — in fact, this happens almost every other week. In 2024, there were 3,158 data compromises, according to the Identity Theft Resource Center. That resulted in the issue of more than a billion data breach notices.
While individuals can’t control company-level breaches, and the only way to protect yourself from them is to either avoid any online services in general or use a temporary email service — and that’s not always possible. Learning how personal data removal services work through an incogni review can also help users understand ways to reduce their exposure online.
However, if you suddenly started receiving spam emails, checking if your data was compromised is the right move. There are a number of apps to help you, with Have I Been Pwned? being one of the most popular options. Enter your email address, and the service will check its database for any matches. If your address was found in a breach, you’ll receive a message with a list of incidents.
Accidental self-exposure
Data breaches are not the only source for spam mail. Spammers use publicly available information that users expose on social media and forums. For example, you wrote something like “Contact me at address@gmail.com” or made your address available for other users on a job search website — online activities like these make you a target for email harvesting.
Even if you absolutely need to publish your email address online, you can still prevent self-exposure and loads of spam in your inbox. Here are some ways to do this:
- Change your privacy settings on social media
- Give your email address in private messages instead of comments
- Create a fake email address like darialinkedin@gmail.com — that way, your personal data will remain unaffected, and your personal inbox will be free from unwanted messages
Links in spam emails
Sometimes, spam emails have an unsubscribe link — like this one:
Clicking on this usually barely noticeable link won’t lead you to less spam — if anything, you’ll get more spam in return. Spammers use fake unsubscribe links to verify that your email account is active. It’s often done as a part of dictionary attacks — spammers basically guess which addresses exist and send emails for a ping. By clicking an unsubscribe link in a spam email, you’re basically saying, “Hey, this address is real, and I’m using it actively, please send me more emails!”. This confirms your email is active and may lead to more spam. Such links may also lead to compromised websites used for phishing or installing dangerous software on your device.
Long story short, clicking on unsubscribe links in spam emails or responding to them is dangerous. That’s why if you come across a suspicious email, just delete it from your inbox. You can also flag such emails as spam if the filter didn’t catch them — this will protect you from receiving more emails from the same address.
We didn’t cover all the possible email fraud schemes — we listed the most common spam and phishing emails. But what if you received an email that doesn’t fall under any of these categories?
How to identify a junk message quickly
Modern email apps have spam filters. For example, Gmail uses a neural net system that learns to separate junk mail from regular emails. But even AI is not infallible. Sometimes Gmail mistakes social media notifications or just emails with links and attachments for spam — and vice versa. That’s why we give you these key features of junk mail to look for.
Suspicious email addresses
Pay attention to any unfamiliar addresses in your inbox. But just because you don’t know it doesn’t mean it’s a spam email. Here’s the list of red flags in email addresses:
- Random numbers and letters like ngoctrinh1403@gmail.com.
- Public email domain, especially if it’s a message from an organization — gmail.com, yahoo.com, etc. Keep in mind that businesses use their own domains.
- Typos or extra symbols in a company domain, like @amazonhelp.art instead of @amazon.com.
- “Donotreply” or other variations instead of the standard “no-reply” address for automated notifications.
But some spammers learned how to plausibly imitate corporate emails — or, even worse, use legit addresses of different organizations to send spam.
Legit email addresses of weird companies
That’s a relatively new trick spammers use. I started noticing the first instances of such spam in early 2023, and by May 2024, most of my spam folder content looks like this:
Here’s how it works: spammers sign up for newsletters or leave requests at legit business helpdesks, and put a phishing link and a message (usually about winning a lottery) instead of a username or a message. Spammers will also use your email address as the contact info. So, it will look like you received a regular transactional email or a newsletter issue from a real organization — except you’ve never subscribed to this service or requested help at this helpdesk.
The method was so effective that these emails didn’t even end up in spam — they showed up in the primary inbox. Now, the filters have adapted to the method, and such emails do end up in spam. However, if they don’t, pay attention to transactional or marketing messages from brands you’ve never interacted with: chances are, these are spam.
Foreign and mixed languages
This feature is related to the previous one. Quite often, those spammers sending emails via other companies’ newsletters and support systems use random companies that don’t even reside in your country. For example, they may use Japanese businesses while targeting English-speaking victims.
Spam filters in Gmail are actually trained to discover messages in mixed languages or languages you yourself don’t usually communicate in. However, if one of these slipped into your primary inbox, think of this: if the company was actually talking to you, would it use language you can’t understand without Google Translate?
But okay, let’s say, none of the above describe your email in question — what about the content itself? One reason to get suspicious is a request for personal information.
Personal data requests
Many businesses deal with personal data such as credit card information. For example, this is an email from Benchmark about cybersecurity concerns:
An important detail here is that Benchmark doesn’t ask the client to reply with personal data. Instead, the sender asks them to fill in the necessary information on the company’s website — unlike spammers:
This example is an obvious scam, and “Douglas” asks for relatively harmless data. But some spammers will ask you for credit card information or passwords. Keep in mind that, for example, bank employees will never ask you for the CVV code. That’s why any personal data request, even as innocent as the one above, is a major red flag.
Sense of urgency
Creating a sense of urgency and appealing to FOMO is a common manipulation tactic in advertising. For example, take a look at this last chance email from Barnes & Noble:
In this email, Barnes & Noble offers a personalized book selection and a 15% discount that is active for a short time period. They use urgency since the offer is limited — but not like this:
This spam email uses an indefinite time period instead of the precise expiration date to create the sense of urgency, all caps, multiple exclamation marks, and too many words like “limited” and “offer”. Such messages usually have clickbait email headers with the same words written in all caps and with excessive punctuation. Legit companies don’t introduce clients to limited offers using such blunt techniques.
But there’s one more sketchy detail — poor grammar at the end of the email. It brings us to the next junk mail feature — bad writing.
Poor or nonsensical writing
When it comes to poor writing in spam emails, most people recall the infamous Nigerian scam. It started before the internet — people received letters from Nigerian royals or businessmen that asked for help with transferring money. Later, it switched to digital and became more inventive with plots — for example, Nigerian princes turned into Russian entrepreneurs.
Take a look at this classic Nigerian scam email:
Nigerian scam emails were poorly written to look more convincing — their senders didn’t speak English as their first language. But other email scammers also write with typos, extra blank spaces, and odd phrasing — for different reasons:
- Machine translation. Weird syntax and word choices might be the result of a bad machine translation. If scammers appeal to a larger audience, they won’t spend time writing messages in different languages from scratch.
- Filtering the audience. Cormac Herley, a researcher from Microsoft, suggested that bad grammar and comical stories in Nigerian scam emails are designed to filter their readers. Smarter people won’t sit through an email full of typos — but the most gullible audience will.
- Tricking spam filters. It doesn’t work with modern spam filters — but historically, spammers deliberately misspelled words so they could slip into your inbox. Now, poor writing triggers AI-based filters instead of fooling them.
There is a different way of tricking spam filters, though, which involves sending you an email that is basically a pile of random, irrelevant words and numbers. This trick is called Bayesian poisoning — spammers “confuse” probability-based filters so they start labeling innocent words as spam and letting their emails right into the primary inbox.
Needless to say, do not open such attachments.
Impersonal delivery
According to Campaign Monitor, personalized emails increase sales by 20%. And personalization is not only about data-driven customization of offers — it’s also about the language. Businesses include clients’ names even in formal notification emails — like this one from Amazon:
Spammers can imitate such notification emails in a pretty convincing way — except for one small detail. Compare our previous example to this fake Amazon email:
Even if fake emails imitate notifications from large companies, they have generic greetings like “Dear Customer/Client” or “Dear Sir/Madam”. But this, like the features we mentioned earlier, doesn’t have a lot to do with the email content itself. What about it?
Too good to be true
Some spam emails will promise you a reward for clicking a link, downloading an attachment, or sending personal information. It can be a ridiculous amount of money or any other bonus from a company or even a celebrity. But the thing is, if it’s too good to be true, it’s likely a lie. For example, this email is definitely not from Mark Zuckerberg.
These are the most prominent features of junk mail. If you come across any of these in the new email, do the following:
- Don’t click on any links, download attachments, or respond.
- Mark this email as “Spam” so you won’t receive more junk mail from the same sender — or delete it from your inbox.
FAQ about spam email examples
What is a spam email example?
A spam email example is any unsolicited message sent in bulk attempting to promote something, steal personal information, or trick the recipient into clicking a malicious link. These messages often create urgency, use generic greetings, and contain suspicious links or attachments.
What is the most common spam email?
Common spam email examples include:
- Fake PayPal payment requests.
- “Your account has been locked” notifications.
- Tax refund scams impersonating the IRS.
- Package delivery failure emails from fake FedEx or UPS accounts.
- Sextortion emails demanding cryptocurrency.
The most common spam emails are phishing scams impersonating trusted brands such as banks, Amazon, PayPal, Apple, or government agencies.
How do I know if an email is spam?
You can identify spam emails by looking for these red flags:
- Generic greetings like “Dear Customer”.
- Suspicious sender email addresses.
- Urgent language demanding immediate action.
- Requests for personal or financial information.
- Links that don’t match the company’s official domain.
- Poor grammar or unusual formatting.
If something feels off, do not click any links. Visit the company’s official website directly instead.
Why am I suddenly getting more spam emails?
You may receive more spam emails after:
- A data breach involving a service you use.
- Sharing your email publicly online.
- Signing up for low-quality websites.
- Your email being sold in bulk lists.
The worst part is that once your address appears on spam lists, it may circulate among multiple scammers.
Can spam emails hack you?
Spam emails themselves cannot hack anyone simply by being opened. However, clicking malicious links or downloading infected attachments can:
- Install malware.
- Steal login credentials.
- Compromise your device.
- Lead to identity theft.
This is why you should never interact with suspicious links or files.
New and noteworthy on our blog 
