Phishing Email Templates

CanIPhish maintains an ever-evolving library of free phishing email templates that update with the latest trends. Take a look at our library and see the emails for yourself!

How phishing emails trick victims

Phishing emails typically have a common set of goals that can be used to identify what type of attack is taking place. These goals usually involve credential harvesting, endpoint compromise, or business email compromise (i.e., reply-to attacks). Armed with an understanding of what an attacker's goal is, you can identify the techniques an attacker will likely use to trick its victim into interacting with the phish.

For credential harvesting, an attacker will craft a phishing email that contains links or buttons that lead to a malicious website. For endpoint compromise, an attacker will craft a phishing email that contains a malicious attachment, enticing the victim into downloading and opening it. For business email compromise or reply-to attacks, an attacker will craft a phishing email that attempts to have the victim respond to them. Ultimately, all phishing emails have a malicious goal and intention behind them.

Equipped with this information, take a look at our fake email templates and see if you can spot the goals behind them! Looking for a phishing email generator? Create a free account or try our email inbox simulator to see the unique ways we create phishing emails.

Fake Email Templates 108 Expense Claim Discrepancy Email Billing Overcharge Mistake Email New System Access Request Email OneDrive Excel Share Email OneDrive Word Share Email Dropbox Verify Login Email Facebook Verify Login Email Gmail Blocked Login Email Linkedin Password Reset Email Paypal Verify Login Email CommBank Unread Message Email Govia Tax Invoice Email Groupon Deals Email JIRA Notification Email Concur WFH Payment Email Booking Vacation Agreement Email Update Your Badge Email BTC Account Deposit Email Women Equality Day Email Office Holiday Party Email HSBC Account Locked Email AFP Subpoena Email Job Opportunity Email COVID19 Work Survey Email Ebay Item Purchase Email Concur Expense Report Email AusPost Shipping Confirmation Email CapitalOne Card Confirmation Email Bell Canada Account Lock Email FedEx Shipment Tracking Email Verizon Service Suspended Email Amazon Black Friday Email Canada Post Parcel Email DocuSign Sign Document Email Instagram Verify Login Email Netflix Reset Password Email Salesforce Reset Password Email Starbucks App Email Zoom Invite Email Qantas Unusual Login Email Uber New Device Email Deliveroo New Address Email Spam Filter Quarantine Email GitHub OAuth App Email African Bank Unread Message Email Office365 Password Reset Email Slack Password Reset Email AMEX Card Confirmation Email STC Service Suspended Email ADCB Unread Message Email Google Meeting Invite Email CRA Payment Form Email Xero Profit Loss Statement Email Xero Password Expiry Email Lyft Company Rides Email Business Opportunity Reply To Email Conference Attendance Reply To Email 1Password Password Change Email Bitwarden New Device Email Dashlane New Device Email LastPass Login Allowed Email Stripe Password Update Email Trello Workspace Invitation Email Zendesk Password Reset Email Zendesk Offline Chat Email Google Drive Shared File Email Sharepoint Access Request Email Teams Message Email Tik Tok New Device Email Adobe Security Details Changed Email Bank of America Suspicious Activity Email Udemy Credits Email Jenkins Unauthorized Access Attempt Email Pento Password Expiry Email HR Device Violation Email QR Code Google Workspace Email QR Code Office 365 Email QR Code Enter to Win Email Wire Transfer Confirmation Email Request For Quote Email Drata Account Inactivity Email Venmo Payment Notification Email BambooHR Benefits Notification Email Vanta Outstanding Task Email Apple Tax Invoice Email Shopify Unknown Bill Email ClickUp Suspicious Login Email Mailchimp Policy Violation Email ZipRecruiter Job Offer Email Quickbooks Delete User Email Zoho Group Invite Email Square Gift Card Email GoDaddy Security Breach Email Linkt Password Update Email Monday Policy Violation Email ADP Direct Deposit Email Confluence Calendar Event Email Teams Task Assignment Email Microsoft 365 Quarantine Email Innapropriate Email Attachment Email Password Change Email Urgent Software Update Email Email Account Deactivation Email CEO Payment Authorization Form Email BNZ Profile Update Email Air New Zealand Password Reset Email Transport for London Lost Item Email British Airways Travel Voucher Email

British Airways Travel Voucher Email

Email from British Airways advising a voucher has been issued due to a previous flight change

Transport for London Lost Item Email

Email from TfL advising that a bag has been found that contains cash and other belongings

Air New Zealand Password Reset Email

Email from Air New Zealand for a password reset

BNZ Profile Update Email

CEO Payment Authorization Form Email

This BEC phishing email is designed to impersonate the CEO and asks the user to process the payment by the end of the day.

Email Account Deactivation Email

An unknown user management tool is requesting email verification to prevent the user from losing access to their account

Urgent Software Update Email

An email that pretends to be from the company’s IT help desk, advising the employee to perform an urgent sofware update.

Password Change Email

Tech support advising a password change is required due to a recent security breach

Innapropriate Email Attachment Email

A message from HR asking the employee to review an email attachment

Microsoft 365 Quarantine Email

Notification from Microsoft that an email is held in quarantine for review

Teams Task Assignment Email

Notification from Microsoft Teams that a task has been assigned

Confluence Calendar Event Email

Confluence calendar notification of an upcoming copmany event

ADP Direct Deposit Email

Alert from ADP advising of a direct deposit change

Monday Policy Violation Email

Notification of inclusion in a policy violation register

Linkt Password Update Email

Password reset required notification from Linkt

GoDaddy Security Breach Email

GoDaddy notification requesting a domain be validated

Square Gift Card Email

Gift card delivery notification from Square

Zoho Group Invite Email

Quickbooks Delete User Email

New user warning notification from QuickBooks

ZipRecruiter Job Offer Email

Fake job offer that originates from an automated job pairing system

Mailchimp Policy Violation Email

ClickUp suspicious login prompting a password reset

Shopify Unknown Bill Email

Bill from Shopify enticing the recipient to view or dispute it

Apple Tax Invoice Email

Apple invoice with a link to a fake login page

Vanta Outstanding Task Email

Automated onboarding email notifying the user they have incomplete tasks

BambooHR Benefits Notification Email

Automated email from Bamboo HR advising the user that their company benefits are active

Venmo Payment Notification Email

Notification advising the user that they have received a Venmo payment

Drata Account Inactivity Email

Inactivity notification prompting the user to login to their account

Request For Quote Email

Fake quote request from an obscure organization

Wire Transfer Confirmation Email

Wire transfer notification prompting user to fill in an attached document

QR Code Enter to Win Email

Email asking employees to review a policy using a QR code as the method of interaction.

QR Code Office 365 Email

Office 365 themed email utilizing a QR code attack.

QR Code Google Workspace Email

Email prompting an employee to use a QR code to verify themselves.

HR Device Violation Email

Email from HR advising the employee has breached the device policy

Pento Password Expiry Email

Password expiry email leading to Pento login phishing site

Jenkins Unauthorized Access Attempt Email

Udemy Credits Email

Bank of America Suspicious Activity Email

Bank of America advising unusual activity with a link to login

Adobe Security Details Changed Email

Adobe email alerting user security details have changed

Tik Tok New Device Email

Teams Message Email

Missed Teams message that leads to credential harvesting

Sharepoint Access Request Email

Credential harvest attack using SharePoint request access function

Google Drive Shared File Email

Zendesk Offline Chat Email

Zendesk Password Reset Email

Trello Workspace Invitation Email

Stripe Password Update Email

LastPass allowed a recent login attempt.

Dashlane New Device Email

Dashlane new device authentication code.

Bitwarden New Device Email

Bitwarden new device login notification.

1Password Password Change Email

Conference Attendance Reply To Email

Using a fake email chain to trick employees.

Business Opportunity Reply To Email

Promises a lucrative business opportunity.

Lyft Company Rides Email

Xero Password Expiry Email

Xero Profit Loss Statement Email

Quarterly company profit and loss statement

CRA Payment Form Email

Google Meeting Invite Email

ADCB Unread Message Email

STC Service Suspended Email

AMEX Card Confirmation Email

Slack Password Reset Email

Office365 Password Reset Email

Password reset code for an Office365 account.

African Bank Unread Message Email

African Bank Unread Message Notification.

GitHub OAuth App Email

An OAuth App has been added to your account

Spam Filter Quarantine Email

Deliveroo New Address Email

New address registered on Deliveroo account

Uber New Device Email

Zoom Invite Email

Starbucks App Email

Salesforce Reset Password Email

Salesforce password expiration notification

Netflix Reset Password Email

Netflix password expiration notification

DocuSign Sign Document Email

Canada Post Parcel Email

Amazon Black Friday Email

Amazon Black Friday Promotion Notification

Verizon Service Suspended Email

FedEx Shipment Tracking Email

Bell Canada Account Lock Email

Bell Canada Account Lockout Notification

CapitalOne Card Confirmation Email

AusPost Shipping Confirmation Email

Concur Expense Report Email

Ebay Item Purchase Email

COVID19 Work Survey Email

COVID19 return to work survey attachment

Job Opportunity Email

AFP Subpoena Email

AFP Subpoena with attachment notification

HSBC Account Locked Email

Office Holiday Party Email

Google Drive file share for office party

Women Equality Day Email

Google is celebrating Women's Equality Day

BTC Account Deposit Email

Update Your Badge Email

Health employees need an updated ID badge

Booking Vacation Agreement Email

Concur WFH Payment Email

JIRA Notification Email

Groupon Deals Email

Govia Tax Invoice Email

CommBank Unread Message Email

Linkedin Password Reset Email

Curious about what you can do with our simulated phishing emails?

Phishing Email Features & Capabilities

1. Create, generate, or modify phishing email templates to suit your needs

Our simulated phishing platform is highly configurable, and using our HTML email editor, you can create, generate, duplicate, or modify existing phishing emails based on organizational requirements. In addition, the HTML editor gives you complete control over email content and design.

A common use case is that your organization may use bespoke software, interact with niche vendors, or have strict compliance requirements where you need to simulate specific content.

2. Choose from 74 different languages for each phishing email template

The CanIPhish team has invested significant resources in ensuring each phishing email in our library is multi-lingual in 74 different languages. This multi-lingual capability is coupled with our phishing websites and training modules, which are also available in 74 languages.

Multi-lingual phishing is particularly important for organizations with non-English speakers or a global employee base.

3. Dynamically insert personalized information to conduct spear-phishing

Inserting content at the time of email delivery is absolutely crucial to ensuring phishing emails are as realistic as possible. In support of this, the CanIPhish Cloud Platform allows for the dynamic insertion of content such as employee first names, last names, job titles, company names, and more.

4. Track and report against all forms of phishing email interactions

Delivering a phishing email is the first phase of running a successful phishing simulation exercise. The next phase is ensuring interactions are properly tracked and reported. This can include tracking who clicked on phishing links, who opened attachments, and who responded to phishing emails.

The CanIPhish Cloud Platform supports tracking and reporting against all three types of phishing interactions.

5. Benefit from emails themed after global and regional services

CanIPhish supports a variety of organizations across the globe, and while many organizations utilize global services, many also utilize localized services. These services include local banks, service providers, utility companies, etc. To ensure CanIPhish offers a diverse range of phishing templates, we selectively onboard and simulate these services at customer request.