Three common types of phishing scams

March 19, 2020

Cyber criminals are always coming up with new ways to use phishing scams to steal your personal information."envelope marked with number 3"

But there are a few common scams that phishers use repeatedly to trick us into falling into their trap.

It’s good to be aware of the common types of phishing scams that are out there. That way, you can stay informed and protect yourself from being scammed.

The “free vacation” scam

Who could say no to a free trip to the Bahamas? No one (obviously!).

This is why cyber criminals have made the “free vacation” phish one of the sharpest hooks in their phishing tackle box. They’re counting on their victims’ desire to get a free trip to outweigh  common sense when it comes to getting free stuff.

The free luxury vacation is a great example of an important truth about personal cyber security: If an offer arrives out of the blue and seems too good to be true, it probably is.

If you think you're the victim of an online contest or sweepstakes scam, the most important thing is not to panic. By getting in touch with the proper authorities, you may help catch cyber criminals before they can scam anyone else. Contact the Canadian Anti-Fraud Centre or call 1-888-495-8501.

The “fake government message” scam

Fear is a key tactic that phishers use to extract personal information from their victims.

Cyber criminals know that the fear of being fined or even arrested can drive people to take actions they otherwise wouldn’t.

That’s why the “fake government message” phish is so prominent with cyber criminals.

It usually goes something like this: A victim receives a phone call from someone claiming to a government official. This person tells you that you need to respond with some personal information or you risk being fined or arrested.

Many people fall victim to this phishing attempt because no one wants to be at risk of a running afoul of the government.

Don’t let these scare tactics fool you! If it seems phish-y, it probably is. If you are concerned, contact the department directly by looking up their official information on their website.

The “gift card” scam

Not all phishing attempts are mass-produced. Spear phishing attacks are targeted and use information that only the victim could know, but often can be found easily online.

A common example of this is the “gift card” scam.

Someone receives a message, usually an email, that claims to be from a manager or co-worker. The sender asks the victim to go to the store to buy some gift cards. The sender claims to be in a meeting and asks the victim to send the card numbers in an email.

It’s an example of how targeted and detailed spear phishing scams can be. Cyber criminals can learn specific information about an organization, such as employees who work there,  and use this information to convince you to interact with their phishing message.

The best way to find out if the request is valid, is to contact that person directly through another channel. If they sent an email, call them. If they called, email them.
Don’t give into the pressure, if it sounds a little phish-y, it probably is.


Cyber criminals are always refining their phishing techniques. There’s no exhaustive list of all the potential phishing scams out there.

But, by being aware of the above examples, you can learn how to spot some of the more common types of phishing scams.

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: