Credential Harvesting
Fake websites or forms designed to steal login details, MFA codes, or personal data.
Below are real, recent examples from our archive. Use the filters to narrow by channel or search within this category.
Tip: If you didn’t expect a refund, invoice, or prize — pause and verify using a trusted website or phone number, not the link you received. See common red flags.
Documents Ready To Sign Scam
You receive an email that looks like it’s from DocuSign (or another e‑signature service) saying “Your documents are ready to sign.” The button or link takes you to a website that looks like a Microsoft, Google, or company login page. If you enter your email and password there, the scammers steal your login and can get into your email and other accounts.
Microsoft Account Password Expired Scam
You get an email that looks like it’s from Microsoft saying your password has expired and you must “Update Password Now” within 24 hours. It warns you could lose access to Outlook, OneDrive, Office 365, or Teams. The button leads to a fake sign-in page that steals your email and password. The message uses urgent, scary language to make you act fast.
Not seeing your example in Credential Harvesting? Sharing real screenshots helps others spot the red flags faster.
Report a scam