Phishing Training Video 3: The Fake Financial Report Video

This 4 1/2 minute Phishing Email Training Video-03 is the third in our FREE Phishing Email Training Video series. We review a “real world” phishing email example and show how to recognize them; so you don’t fall victim to hackers and personal identity theft.

We’re going to go through another phishing email example today in this Phishing Email Training Video-03. I just received this email today.  On the subject line you can see this is my company’s financial report.  It has today’s date and it is an excel spreadsheet that has been shared with me.  The sender is from onedrive at klconsulting.net which is my company.  The email itself looks like a typical email I receive when someone is sharing a onedrive file with me so let’s follow through our phishing email checklist and see if this is a phishing email or not.

Check who the sender is

The very first thing we’re going to check is the sender.  The sender is onedrive at klconsulting.net however when I look at the actual sender, the email was sent out from me!  I don’t share files to myself! Therefore, I can already conclude 100% that this is a phishing email!  I normally will just delete this email and move on however let’s just go through the rest of the checklist and see if we can spot other signs of a phishing email.

Second, I want to check is the web links. I will hover my mouse over to the excel spreadsheet icon and see where the links are trying to take me.  It is trying to take me to appspot.com which is a suspicious website.  I’m not expecting to go there.  When I move my mouse over to the “view” button I also see the same website appspot.com.  When I move my mouse over to privacy statement link, hover not click, it to tries to take me to svc.ms website so all these web links are suspicious and most likely they are phishing websites.

Is the email asking for personal information?

Third, we’re going to see if this email is asking for personal information or if it’s asking for us to send money?  No.  Are there any attachments to this email?  No.  Does this email sound very urgent, or ask me to do something immediately?  It’s not asking me to do something immediately, but when a normal person like me sees a financial report that is dated today, I will likely want to open and see what’s in the financial report. 

Check for proper grammar and English

Does the email have any misspelling or poor English?  No.  Is there an email signature on this email?  No but normally I would not expect to see an email signature for this type of email because this is what I expect to see when someone is sharing the file with me.

In conclusion, we can say that this email is indeed a phishing email!

Let’s consider the psychology behind this email

Let’s take a look at the email from psychology point of view.  This is a very short email. It is the kind of email that you expect to see when a person shares their one drive file with you.  And the fact that a person is sharing the financial report that is dated today, I’m very likely to click on it and try to open up the financial report if i didn’t think twice.

Final thoughts

So next time if you see this type of email step back think twice and ping the person who sent you the financial report or important documents to see if this email is indeed from them or if the file is really shared by them. We hope you find this Phishing Training Video-03 helpful.

So stay safe and we will talk again with you next time.


Our first phishing training video is here

And our second is here




Thank you for visiting our website!

Scroll to Top