The new phishing: How to spot email scams in 2025

CEO of SaneBox

Your inbox is the key to almost everything you do online. No wonder scammers keep showing up.
Think about it: your inbox is where your personal and professional worlds collide, from two-factor authentication codes, to delivery notifications, to medical prescriptions. It’s an archive of ancient calendar invitations and messages from your ex in 2008.
That’s why email is the perfect attack vector for scams. It only takes a few minutes, a free email account, and a list of scraped or purchased email addresses to get malicious messages into thousands of inboxes. And those messages are getting smarter every day.
At SaneBox, we filter millions of emails daily. We’ve seen it all: the suspicious invoices, near-perfect Apple login alerts, mysterious princes earnestly trying to transfer you billions of dollars…and we’ve noticed a worrying trend. Today’s phishing scams are getting smarter, more personalized, and much harder to spot.
Here’s how to recognize the smartest email scams and stay ahead.
Today’s scams don’t always look like scams
It used to be easy to spot scams. If the typos didn’t give it away, the message beginning “Dear Esteemed Beneficiary” surely did.
But phishing today has credible language. It’s not just your mom you need to worry about: even the most skeptical, perennially online people can be fooled. In fact, millennials are more likely to be victims than their Gen X counterparts!
Phishing emails use AI to generate convincing replies in any language or tone, and they are perfecting the dark art of “brand mimicry” to pose as legit companies. Scammers are playing the long game, too. They might not immediately present you with a suspicious form, or ask for your credit card details. They want to gather just enough breadcrumbs — your employer, your role, maybe some personal intel — to make their next attack even more believable, or to impersonate you. Some email scams you’d never see coming, like impersonating Lady Gaga to buy your painting!
Why even tech-savvy users fall for scams
Don’t feel bad if you can’t spot anything wrong with this email. Other than the spacing and address, it’s almost a complete replica of a legitimate email. Here’s why these emails work so well:
1. They hijack our trust
Well-loved companies like Facebook, Apple, and Spotify spend years conditioning us to associate their logo, colors, and tone with a warm fuzzy feeling of trust. They’ve done such an incredible job that our favorite brands light up our brains with the same emotional force as our families and partners! Your guard is down, and you’re more likely to click.
2. They exploit urgency and FOMO
“You’ve been tagged in a document.” “Your subscription failed.” These messages use social engineering to stir up anxiety. When we see something urgent and immediately actionable, like verifying a transaction or confirming that a login wasn’t us, our brains are seeking out the dopamine rush of completing a task. Except the task we just rushed to complete was clicking on a scam.
3. We’re experiencing cognitive overload
We’re skimming our emails, juggling tabs, and looking for quick wins in our inbox. Cognitive overload makes us more impulsive, and the urge to “just handle it” is exactly what phishers exploit. As long as we have a noisy inbox, we’ll be vulnerable to scams.
SaneBox Tip: Our SaneLater filter ensures only important emails go to your inbox. This reduces overwhelm, so you’re less likely to make hasty decisions and fall for a scam.
Email scam red flags to watch for in 2025
Subtle Domain Spoofing: Lookalike domains — think subtle changes like saneb0x.com, spot1fy.com — helped create $12.5B of losses from impersonation scams in 2024. Hover before you click. Watch for homograph attacks, too — which use the visual similarity of characters in different scripts to create URLs that look almost identical to ones you trust.
Sneaky attachments: “Invoice754332_PDF.exe for your recent service” uses a classic trick to make us believe we’re opening a PDF. At first glance, it looks like a regular invoice, but it’s actually an executable file that can run malicious code on your machine. We’re conditioned to open attachments that reference money; don’t fall for it.
Vague personalization: “Quick question about {Your Employer} last payment.” Scammers use just enough detail to make a message sound legitimate, without proving they know who you are. Do not feed them more intel, no matter how minor it seems. Even something as simple as “I no longer work there,” or “is this meant for Brenda’s team?” gives scammers ammo for future scams.
SaneBox Tip: If it seems suspicious, drag the message to the BlackHole and you’ll never hear from that sender again.
Suspicious Timing: A request to update your credit card information on Christmas Day? A Friday night invoice demanding payment before the weekend? Phishing scams are often timed to strike when you’re distracted (or tipsy!) and less likely to scrutinize them. If the timing primes you to act with urgency, all the more reason to slow down.
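The lookalike-domain, homograph and disguised-attachment flags above can also be checked mechanically. The following Python is an added example, not SaneBox or Fastmail code; the trusted-domain list, the confusable-character table and the extension lists are small constructed assumptions.

```python
import re
import unicodedata

# Constructed allow-list: domains this mailbox really does business with.
TRUSTED = {"sanebox.com", "spotify.com", "fastmail.com"}
# Illustrative subset of confusable characters (digits, then Cyrillic letters)
# folded to the Latin letter they imitate; a production table is far larger.
FOLD = str.maketrans("0135\u0430\u0435\u043e\u0440\u0441\u0445\u0456", "oiesaeopcxi")
EXECUTABLE = {"exe", "scr", "com", "bat", "cmd", "js", "vbs", "lnk", "msi"}
DECOY = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png", "txt"}

def to_unicode(domain):
    """Lower-case a domain and decode any punycode (xn--) labels."""
    domain = domain.strip().lower().rstrip(".")
    try:
        return domain.encode("ascii").decode("idna")
    except UnicodeError:
        return domain  # already Unicode, or not valid punycode

def scripts(label):
    """Unicode scripts (first word of each letter's character name) in a label."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label if ch.isalpha()}

def check_domain(domain):
    """Classify a sender or link domain: trusted, lookalike, mixed-script, unknown."""
    name = to_unicode(domain)
    if name in TRUSTED:
        return "trusted"
    # Same skeleton as a trusted domain, but not that domain: digit or letter swap.
    if name.translate(FOLD) in {t.translate(FOLD) for t in TRUSTED}:
        return "lookalike"
    # Letters from more than one script inside a single label: homograph signal.
    if any(len(scripts(label)) > 1 for label in name.split(".")):
        return "mixed-script"
    return "unknown"

def check_attachment(filename):
    """Flag executables, especially ones whose name advertises a document type."""
    stem, dot, ext = filename.lower().rpartition(".")
    if not dot or ext not in EXECUTABLE:
        return "ok"
    decoys = DECOY.intersection(re.split(r"[^a-z]+", stem))
    return "disguised-executable" if decoys else "executable"

if __name__ == "__main__":
    for d in ("sanebox.com", "saneb0x.com", "spot1fy.com", "s\u0430nebox.com"):
        print(d, "->", check_domain(d))
    print("Invoice754332_PDF.exe ->", check_attachment("Invoice754332_PDF.exe"))
```

A "lookalike" or "disguised-executable" result is a reason to quarantine or warn, while "unknown" only means the domain is not on the allow-list.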
Your email scam defense stack: SaneBox + Fastmail
Fighting against email phishing isn’t just about vigilance; it’s about stacking the right tools so you don’t have to battle alone.
Fastmail:
- All data is encrypted to the highest level
- Strict Transport Security header protecting all modern browsers against SSL stripping
- Regular internal security audits
SaneBox:
- AI filtering that’s based on your actual behavior
- One-click unsubscribe to banish senders to the BlackHole
- No ads, no tracking — ever
Dmitri Leonov is the CEO of SaneBox, an AI-powered email tool that helps people save time and stay focused. He has over 20 years of experience growing startups, leading strategy, and building high-performing teams.