Glance Threat Intelligence
Know What's Out There
Detailed profiles on the most dangerous email scams circulating today. Real attacker domains, psychological triggers, and red flags — so you recognize them before they reach you.
PayPal Phishing Email
Attackers impersonate PayPal to steal login credentials and payment info. Emails claim your account is suspended or limited and demand immediate action.
Fake Amazon Order Confirmation
Fake order confirmation emails claim a large purchase was made on your account. Clicking "Cancel Order" leads to credential theft.
Bank Account Phishing Email
Fake bank emails claim suspicious activity was detected and require immediate login to verify your account. Designed to steal banking credentials.
Microsoft 365 Credential Phishing
Attackers impersonate Microsoft to steal Office 365 credentials. Emails warn that your account has been suspended or your password is about to expire, directing you to a convincing fake login page that captures your username and password.
Google Account Security Alert Phishing
Fake Google security emails claim a new device or suspicious login was detected and require you to verify your identity. The linked page mirrors the Google sign-in page exactly and harvests credentials along with recovery codes.
Fake Bank Wire Transfer Alert
Fraudsters send emails mimicking major banks claiming an outgoing wire transfer of thousands of dollars is pending your confirmation. Clicking the cancellation link leads to a fake banking portal that steals login credentials and sometimes requests a "verification transfer."
Apple ID Locked Phishing
Attackers send emails mimicking Apple claiming your Apple ID has been locked or suspended due to unusual activity. The linked fake Apple sign-in page captures your Apple ID, password, and security questions, giving attackers full access to your devices and payment method.
Netflix Billing Failure Phishing
Fake Netflix emails claim your monthly payment failed and your account will be cancelled unless you update your billing details. The linked page is a near-perfect copy of Netflix's site and captures full payment card information including CVV.
Fake DocuSign Document Request
Attackers send emails impersonating DocuSign claiming a document requires your urgent signature. Clicking "Review Document" redirects to a fake Microsoft or Google login page to harvest credentials, or downloads a malware-laden file disguised as a PDF.
Fake Dropbox Shared File Notification
Fraudulent emails mimic Dropbox file-sharing notifications, claiming someone shared an important document with you. The "View File" button leads to a fake Dropbox or Microsoft login page to steal credentials, or initiates a drive-by malware download.
Fake Zoom Meeting Invite
Attackers send emails impersonating Zoom with a fake meeting invitation. Clicking "Join Meeting" redirects to a spoofed Zoom login page that harvests credentials, or prompts download of a fake Zoom installer containing malware.
Fake Package Delivery Fee Demand
Scammers impersonate USPS, FedEx, or UPS claiming your package is held due to unpaid customs or delivery fees. The linked payment page collects full card details and sometimes personal ID documents.
Fake LinkedIn Connection or InMail
Attackers send emails mimicking LinkedIn connection requests or InMail notifications. Clicking "Accept" or "View Message" leads to a fake LinkedIn login page that captures credentials, which are then used for BEC attacks or sold.
Crypto Wallet Drainer / Fake Exchange Scam
Scammers impersonate major crypto exchanges like Coinbase or Binance, or deploy "wallet drainer" smart contracts disguised as giveaways and airdrops. Victims are asked to connect their crypto wallet or enter their seed phrase to "verify" or "claim" funds — after which the attacker drains all assets instantly.
Fake Bank Security Alert
Attackers send realistic bank security alerts claiming a suspicious transaction was flagged on your account. The email urges you to verify your identity by clicking a link that leads to a cloned bank login page. Once credentials are entered, attackers take over the account, change the password, and initiate wire transfers.
Facebook / Instagram Account Phishing
Attackers send emails or DMs impersonating Meta claiming your Facebook or Instagram account has been flagged for a policy violation, copyright infringement, or suspicious login. A link leads to a convincing fake login page that steals your credentials and linked payment methods.
SMS Phishing (Smishing) Attack
Smishing uses SMS text messages to trick victims into clicking malicious links or calling fake support numbers. Common lures include fake package delivery holds, bank fraud alerts, and prize notifications. Links lead to credential-harvesting pages optimized for mobile screens.
Credential Stuffing / Account Takeover
Attackers use large lists of stolen username-password pairs from prior data breaches and automatically test them against popular services. Victims who reuse passwords across sites lose access to email, banking, shopping, and social accounts without any phishing click required. Compromised accounts are drained, sold, or used for further fraud.
Fake Toll Road / Parking Violation Notice
Scammers send texts or emails impersonating toll agencies like E-ZPass or state DMVs claiming an unpaid toll or parking violation is accruing late fees. The linked payment portal collects full payment card details. The small amount requested ($3–$15) reduces suspicion while the card data is harvested for larger fraud.
Fake Subscription Renewal Notice
Fake subscription renewal emails impersonate Netflix, Amazon Prime, Hulu, or antivirus vendors claiming a large annual renewal charge has been processed or a payment failed. Victims are directed to a spoofed cancellation or billing update page that steals payment card information or login credentials.
Bank Security Alert Impersonation Phishing
Attackers send highly realistic bank security emails claiming a suspicious transaction or unauthorized login was detected on your account. The email links to a pixel-perfect clone of your bank's login page that captures your username, password, and one-time verification code in real time, enabling immediate account takeover.
IRS Tax Scam Email
Scammers impersonate the IRS claiming you owe back taxes or have an unclaimed refund. The IRS never initiates contact by email.
Social Security Number Suspended Scam
Scammers claim your Social Security Number has been suspended due to suspicious activity and demand you call a number immediately.
Microsoft Tech Support Scam
Emails or pop-ups claim your Windows PC has a virus and instruct you to call a fake Microsoft support number. Remote access leads to data theft.
Romance / Pig Butchering Scam
Scammers build fake romantic relationships online over weeks or months before requesting money or cryptocurrency investments. Known as "pig butchering" when investment fraud is involved.
Gift Card Payment Scam
Scammers impersonate bosses, government agencies, or utilities demanding payment via gift cards. Gift card payments are untraceable and non-refundable.
Fake Lottery or Sweepstakes Winner Notice
Victims receive congratulatory emails claiming they have won a lottery or sweepstakes they never entered. To claim the prize, victims must pay "processing fees," "taxes," or "legal costs" upfront. No prize ever materializes.
Fake Remote Job Offer Scam
Scammers post fake job listings or send unsolicited job offer emails promising high pay for simple remote work. After "hiring," they request payment for training materials, equipment, or background checks, and may also collect personal information for identity theft.
Grandparent Emergency Scam
Scammers impersonate a grandchild (or their lawyer) claiming to be in jail, hospitalized, or stranded and needing immediate money for bail or medical bills. The caller urges secrecy to prevent family embarrassment, isolating the victim from people who could intervene.
Fake Inheritance Legal Fee Scam
Victims receive professional-looking emails from a fake law firm or bank claiming a distant relative has died and left them a large inheritance. To release the funds, victims must pay escalating legal fees, taxes, and bribes. No inheritance exists.
Fake Disaster Relief Charity Scam
Scammers register lookalike charity domains and send solicitation emails immediately after major disasters or news events. Donations go directly to criminals, not victims. Some campaigns impersonate well-known charities like the Red Cross.
Advance Fee (419) Fraud
A foreign prince, diplomat, or official contacts you claiming to need help moving millions of dollars out of their country. In exchange for your bank details and small upfront fees, you are promised a large cut. Fees escalate indefinitely and no money ever arrives.
Medicare Card Renewal Phishing
Scammers impersonate Medicare or CMS claiming your Medicare card is expiring or your benefits need to be updated. They collect Medicare numbers, Social Security numbers, and bank account details under the guise of issuing a new card, then commit medical identity theft and financial fraud.
Lottery / Prize Winner Scam
Victims receive emails claiming they have won a lottery, sweepstakes, or international prize they never entered. To claim the winnings, they are asked to pay advance fees for taxes, legal processing, or wire transfer costs. The fees escalate over time and no prize ever arrives.
Romance Investment Fraud (Pig Butchering)
Attackers build a convincing romantic relationship over weeks or months via email, dating apps, or social media, then introduce a "profitable" cryptocurrency or trading platform. Victims deposit increasing amounts of money, see fake returns on a fraudulent dashboard, and are hit with fake "tax" fees before they can withdraw. By the time they realize it is a scam, funds are gone.
Voice Phishing (Vishing) Phone Scam
Vishing is phone-based phishing where attackers call victims using spoofed caller ID numbers that appear to be from banks, the IRS, Social Security Administration, or major tech companies. They use fear, urgency, and impersonation to extract personal information, credentials, or direct payments over the phone.
Medicare / Healthcare Impersonation Scam
Scammers impersonate Medicare, CMS, or insurance agents to collect Medicare numbers, Social Security numbers, and banking details from seniors. They offer free medical equipment, "new Medicare cards," or extra benefits as lures. Collected data is used for medical identity theft, fraudulent billing, and financial account access.
Government Agency Impersonation Scam
Scammers impersonate federal agencies including the IRS, Social Security Administration, FTC, and Department of Homeland Security. Emails and calls threaten legal consequences, arrest warrants, or frozen benefits unless the victim pays immediately or provides personal information. Government agencies do not demand payment by gift card, crypto, or wire transfer.
Fake Utility Company Shutoff Notice
Scammers impersonate local electric, gas, or water companies and call or email customers claiming their service will be disconnected within hours for an overdue balance. Victims are directed to pay immediately via gift cards, a payment kiosk, or a fake online portal. Real utilities never demand gift card payments or give only hours' notice for disconnection.
Real Estate Closing Wire Fraud
Attackers compromise the email of a real estate attorney, title company, or realtor and monitor closing conversations. Days before closing, they send updated wire transfer instructions that route funds to a criminal account. Victims wire their entire down payment to fraudsters.
Wire Transfer Fraud Email
Attackers impersonate a company executive, CFO, or trusted vendor and instruct an employee to initiate an immediate wire transfer to a new account. The request bypasses normal approval channels using urgency and authority. Once wired, funds are nearly impossible to recover.
Payroll Diversion / W-2 Fraud
Attackers impersonate an employee or HR personnel and request a change to direct deposit banking details. The new account belongs to the attacker, and the next payroll cycle deposits the victim's salary directly to the criminal. W-2 variants target tax preparers with fake requests to forward employee tax data.
Real Estate Closing Wire Fraud
Fraudsters compromise the email accounts of real estate attorneys, title companies, or realtors and monitor closing conversations. Shortly before closing day they send fraudulent wire transfer instructions from what appears to be a trusted party. Buyers wire their entire down payment or closing costs to the criminal's account.
Fake Crypto Investment Opportunity
Scammers pitch cryptocurrency investment platforms promising 20–50% weekly returns with no risk. Victims can withdraw small amounts initially (funded by new investors), but large withdrawals are blocked. Eventually the platform disappears with all deposited funds.
SIM Swap Attack
In a SIM swap attack, a fraudster calls your mobile carrier pretending to be you and requests a SIM transfer to a new phone. Once your number is moved to their device, they intercept SMS-based two-factor authentication codes and gain access to your bank, email, and crypto accounts.
Elder Financial Exploitation
Financial exploitation of older adults involves scammers, caregivers, or even family members manipulating seniors into transferring money, changing account beneficiaries, or signing documents. Tactics include fake government benefit programs, fraudulent investment advice, and manufactured emergencies designed to bypass a senior's trusted network.
Work-From-Home / Advance Fee Job Scam
Scammers post fake job listings or send unsolicited offers via email and LinkedIn promising high pay for simple remote tasks such as reshipping packages, processing refunds, or data entry. After "hiring," they request fees for training kits or background checks, or mail counterfeit checks for equipment purchases that victims are instructed to partially wire back.
Fake Charity / Disaster Relief Fraud
Fraudulent charity campaigns are launched within hours of major disasters, tragedies, or viral news events. Scammers register lookalike domain names, create convincing donation pages, and solicit funds that go entirely to criminals. Some impersonate legitimate charities like the Red Cross or Salvation Army to exploit their trusted reputation.
Fake Rental Listing / Advance Payment Fraud
Scammers post fake rental or vacation property listings on Craigslist, Facebook Marketplace, or lookalike sites with prices well below market value. Victims are told the landlord is traveling and cannot show the property, but a deposit is required to "hold" it. After payment, the listing disappears and the landlord is unreachable.
You've Won a Prize / Lottery Notification Scam
Victims receive emails, texts, or pop-ups congratulating them on winning a large cash prize, vehicle, or luxury item in a competition or sweepstakes they never entered. To claim the prize, victims must pay taxes, processing fees, or shipping costs upfront, which escalate with each payment while no prize ever materializes.
Stop reading about scams. Stop getting them.
Glance scans every incoming email against 12 layers of threat detection — including the domains and tactics listed on this page — before it hits your inbox.