Top 10 Phishing Emails to look out for this Holiday Shopping Season

Black Friday and Cyber Monday are huge shopping occasions, not only in the US but across the world. Last year it was reported that the US spending over Thanksgiving reached an all time high with $89 billion being spent online.

Email campaigns offering deals and discounts are commonplace these days and every week retailers try to tempt me with discounts in an attempt to generate online sales. This dynamic method of communicating means that offers can be targeted based on my purchase history and the preferences I may have shared with the retailer.

On my shopping list this year are things I’ve been holding back purchasing in anticipation of discounts and offers that will surely land in my inbox, or that I might able to find online. One of them is a new laptop for my son.

But there’s also a dark side to some email that arrives in inboxes. Cybercriminals know that we get excited by deals and offers, or need to maintain our online payment methods, and they use this knowledge in an attempt to scam us. Most of us think of this as spam and just delete it, but sometimes it is difficult to identify the real emails from the fake ones.

Recently, I asked our research team which organizations in the US are being impersonated the most in emails. Specifically the ones used in “phishing” emails that attempt to gain access to your accounts, or trick you into providing your credentials so they can steal your hard earned cash.

The list below is compiled by AVG’s Web Threats Team from anonymous data from more than 200 million users and our own spam honeypot system.

  1. American Express
  2. Apple
  3. Bank of America
  4. Chase Bank
  5. Ebay
  6. FedEx, UPS, DHL
  7. Intuit (Taxes)
  8. Paypal
  9. Wells Fargo
  10. Westpac Bank

If you live outside the US then your list will look fairly similar with local banks from your country taking the place of the US banks in this list.

Checking my inbox from last week I count six emails that look like they are from Paypal, inspecting the emails closely I find that two of them are fraudulent phishing emails, both trying to get my login and password.


PayPal scam


The email looks and feels as though it came from Paypal, but there are some clues that point to its true nature.


  • If your email provider or security product, such AVG Internet Security, marked the email as Junk or Spam, then there is a very high probability that it is.
  • Look at the email address that sent the email, does it look correct? The address may include other parts for example [email protected] would be a legitimate address but if the address is [email protected], then this would be incorrect as it needs to be on the last part of the address.
  • In the example you can see its asking for incomplete account details to be submitted, I know my account is up to date so why are they asking such questions.
  • Has the email got the mandatory elements that companies need to use, registered office details, unsubscribe options, etc.
  • If you have clicked on it, and you shouldn’t if any of the above are true, then check the URL in the address bar, is the address, is the padlock there and does part of the address go green to show that the site has a valid digital certificate. If no to any of these then close the browser.

If at any point you think the email is spam and fraudulent then do not open or click on any links, just delete the email. Opening the email will download the content which the cybercriminals mark so that they know the email was opened and that your email account is active, they will send you more!

If you did click the link and you have up to date anti-virus software, such as AVG AntiVirus FREE, or AVG AntiVirus FREE for Android, then you should see a detection screen like the one below or your browser may also show a warning screen.

phishing warning

phishing detected

What do you do if you think the email was real and have not clicked or opened it, that’s an easy one. Open your browser and go to and login. I am sure if there is important account information they need they will ask for it when you login.

It’s important to have updated Anti-Virus software, as these types of attacks use websites that change and disappear in minutes to try and hide from detection. Having up to date security software gives you the best possible chance of being protected.

All this should not put you off finding that great deal or bargain online, but I hope these tips help you check what you click on or open and visually check it looks real. I know I will be looking for that deal this week and will be delighted if I find it online so I don’t need to join the crowds in store.


Leave a Reply