Enterprise Solutions [Go to GAT Labs for Education solutions here]

6 Types of Phishing Emails to Keep an Eye on in 2022

6 Types of phishing emails

See GAT Labs
in action

Table of Contents

Phishing is the most common type of successful cyberattacks — which makes it a real threat to businesses of all types and sizes.

While phishing emails target both individuals and organisations, their impact on organizations can be significant, including recovery costs, loss of reputation, data breach fines, and decreased productivity.

The magical formula behind phishing is how they rely on simple psychological tricks, natural human responses, seasonality or global trends. 

This makes them hard to detect and increases their chances of stealing users’ sensitive information or credentials (using fake links or malicious attachments).

Today, as cybercriminals constantly update and polish their phishing scams, poor security practices and lack of employee phishing awareness make users more susceptible to these threats.

‘’Sophisticated phishing emails are behind more than 90% of successful cyberattacks’’ — Mike Rogers, US Chamber of Commerce’s cybersecurity summit.


  1. Phishing Awareness is your users’ first line of defence against phishing emails. Make sure they’re aware of current phishing trends and how to spot and deal with them.
  2. Email Filtering: Email filtering methods vary from Whitelisting certain senders, to enabling pre-delivery email scanning services.
  3. Use Anti-phishing Tools like GAT+ to save your domain from further damage if a phishing email ever gets in.
GAT+ enables Google Workspace Admins to instantly remove phishing emails from every account on their  domain if one ever gets in, thereby preventing further damage.



Complementing our awareness post The 5-Tell Tale Signs of a Phishing Email, make sure to share the below list too with your users:


‘’Malicious emails are up to 600% due to Covid-19%’’ — IBM and Ponemon Institute 2021 study. 

Basically, if there’s a worrying topic related to the pandemic, cyber criminals have sadly found a way to capitalise on it.

Keywords to look out for include: New variant details, Vaccination schemes, Booster shots, Health department guidelines.

See: 5 Pandemic Themed Phishing Emails to Watch Out for



Brand impersonation is one of the most common (and successful)  types of phishing emails, and we don’t expect it to go anywhere in 2022. 

Attackers trick you into thinking they’re someone you can trust enough to give out confidential information to, or click on links they provide.

ALWAYS double check the sender’s email first for inconsistencies.

If it doesn’t look right, check with the brand right away via the official contact details provided on their website.

Keywords to look out for include: Reset Password Required, Update payment information, Click on links, ect. 

Types of phishing emails - Brand Ipersonation



Postage-themed phishing emails have been making the rounds recently, whereby scammers ask you to pay a fee or track a fake package via a malicious link.

Be careful because these emails most often also integrate brand impersonation of well-known postage services, which makes them look more legitimate.

Keywords to look out for include: Failed delivery attempt, Pending customs fees, Tracking links of items you don’t recall ordering.



If an employee receives an email about a promotion or data breach, most likely than not they’ll open it. It’s a natural human response. Which is why these phishing emails get the most clicks.

Email subject lines requesting further actions with a sense of urgency or reward are a phishing classic — even with changing times, trends and subject lines.

Keywords to look out for include: Save your account, Grab your Bonus, Immediate Action required, Your Data will be lost.



This type of phishing emails has been especially targeting Finance employees, preying on their sense of responsibility to check and investigate any payment issues.

They then use fake links, attachments or even PDF files (see below) to steal your credentials, spread malware, etc.

Keywords to look out for include:  Overdue Invoice, Update Payment details, Pending Invoice, PO Attached.

Types of phishing emails invoices
Example of Phishing emails using fake pdf invoices



Finally, fake tax related phishing emails have been super common recently, especially during tax season.

They usually seek things like your Social Security Number, Banking details, or any other confidential information that can be used to impersonate you or hack your account(s).

If you receive a suspicious email purporting to be from a taxation entity, always further investigate before taking any action.

If you’re actually awaiting a tax or wage subsidy refund, contact your tax office first to check its status.

Keywords to look out for include: Your TAX Return for Year X, TAX Account Restricted, TAX Payment Deducted, TAX Refund Due, Update TAX Information.


Closing Thoughts:

While phishing emails keep changing to reflect the issues users care most about, if you look closer you’ll notice that the tell-tale signs don’t change much.

To protect your users and organisation against all types of phishing emails:

Increasing your user’s awareness of phishing is STEP ONE.

Deploying email filtering measures is STEP TWO.

And using Anti Phishing Tools for damage control is STEP THREE.

Stay in the loop

Sign up to our newsletter to get notified whenever a freshly baked blog post is out of our content oven.

Related Posts


Gmail Signature Bulk Management [Google Admins’ Guide]

How to manage Google Workspace signature in your organization? 98% of people use their name in their email signatures, and only 62% of business owners …

Read More
Google Workspace

AI-Powered Future. Tools to Improve your Google Workspace

Will artificial intelligence take you out of your job, Google Workspace admin? The artificial intelligence revolution is happening right now and nobody can deny it. …

Read More
Google Workspace

Admin, Control your Google Drive File Sharing

Google Drive file sharing has gained a permanent position in the structure of many organisations’ daily functionalities of Google Workspace. Never before has file sharing …

Read More

Google Workspace Admins’ Most Liked Blog Posts in 2022

Google Workspace Admin, are you a lifelong learning fan?  If so, you are in good hands. Instead of looking for learning opportunities blindly somewhere, take …

Read More