Vocabulary
Email & Messaging (What’s wrong?)
Safer Next Step
100

Fake messages to steal data

phishing

100

From: support@mybánk.com (accent in ‘a’)

fake/look-alike domain (spoofing)

100

SMS from “bank” asks for a code

Call the bank using the official number (don’t send code)

200

Faking the sender’s address/number

spoofing

200

WhatsApp: “Hi, new number—send your OTP, please.”

impersonation + OTP request (phishing)

200

Email links look odd.

Open the official site yourself; log in directly

300

Pretending to be a real person or brand

impersonation

300

Email with attachment from unknown vendor; no context.

unexpected attachment (possible malware)

300

You clicked a bad link by mistake.

Disconnect, change email password, enable MFA, scan device, inform support

400

Login details like username + password

credentials

400

“Finalize refund here” → link goes off the official domain.  

phishing link / off-domain site

400

Friend sends “free shoes, pay €4.50 shipping.”

Ignore; check official brand site; do not pay

500

Short, neutral check to prove it’s real

verification

500

“Final notice: verify account now or legal action.”

threat/pressure + urgency (scam tone)

500

Invoice PDF from unknown sender.

Don’t open; ask vendor to upload to official portal / confirm by phone

M
e
n
u