{"id":28380,"date":"2025-04-08T10:18:01","date_gmt":"2025-04-08T18:18:01","guid":{"rendered":"https:\/\/www.spokeo.com\/compass\/?p=28380"},"modified":"2025-04-08T10:18:05","modified_gmt":"2025-04-08T18:18:05","slug":"what-is-clone-phishing-scam","status":"publish","type":"post","link":"https:\/\/www.spokeo.com\/compass\/what-is-clone-phishing-scam\/","title":{"rendered":"Clone Phishing: The Newest Take on Phishing Attacks"},"content":{"rendered":"\n<p>At this point, you\u2019ve probably heard of <a href=\"https:\/\/www.spokeo.com\/compass\/how-to-stop-spam-and-phishing-emails\/\" target=\"_blank\" rel=\"noreferrer noopener\">phishing attacks<\/a>.\u00a0 In fact, you\u2019ve maybe even heard of the dozens of phishing offshoots that scammers keep coming up with.\u00a0 Scammers are a lot of things (pretty much all bad), but they do seem to have a knack for coming up with creative ways of stealing people&#8217;s money and information.\u00a0 The newest way?\u00a0 A phishing alternative known as \u201cClone phishing.\u201d<\/p>\n\n\n\n<p>Since the best way to avoid getting scammed is to know what the scammers are doing, we\u2019ll be going over what clone phishing is, how it works, how it differs from other phishing, and how you can recognize and protect yourself from a clone phishing attempt.<\/p>\n\n\n\n<p>Let\u2019s get into it.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What is Clone Phishing?&nbsp;<\/h2>\n\n\n\n<p>For those who would like a quick refresh, phishing is a common cyber-attack that tricks victims into giving up sensitive information (often via some type of impersonation).&nbsp; There are all sorts of specific types of phishing (we\u2019ll touch on the main ones later), but the latest version that is gaining traction is clone phishing.<\/p>\n\n\n\n<p>Clone phishing is an <a href=\"https:\/\/www.spokeo.com\/compass\/watch-out-for-this-netflix-scam\/\" target=\"_blank\" rel=\"noreferrer noopener\">email-based scam<\/a> that takes legitimate emails from businesses, makes an exact copy (clones it), replaces all of the links and attachments with malicious links and attachments, and then sends it out while pretending to be the original company.<\/p>\n\n\n\n<p>Because these emails look exactly like the legitimate emails you receive from a certain company, scammers are banking on you not taking a second look at who actually sent the email (oftentimes a close, but not quite right variation of the company&#8217;s actual email address).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How Does Clone Phishing Work?<\/h2>\n\n\n\n<p>Clone phishing works by tricking people into thinking they\u2019re interacting with a familiar email from a trusted company.&nbsp; The process of clone phishing goes as follows:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Scammers select a mass email that people are likely to interact with (such as a limited-time sale from a popular online retailer).\u00a0 They might also choose something like a <a href=\"https:\/\/www.spokeo.com\/compass\/fake-tracking-number\/\" target=\"_blank\" rel=\"noreferrer noopener\">tracking email<\/a>, which might work on somebody who recently ordered something and is expecting tracking information.<\/li>\n\n\n\n<li>The scammers then swap out all of the links and any attachments with some malicious alternative.\u00a0 It could be a direct virus download, but it often is a link to a fake version of the website that victims are expecting to go to.<\/li>\n\n\n\n<li>Once the changes have been made, the scammers send out their cloned version in mass, using an email that looks very similar to the actual company email.<\/li>\n\n\n\n<li>Then, all they have to do is wait for people to accidentally download malware, or enter their credit card information (or other private information) into a website the victim thinks is legitimate.<\/li>\n<\/ul>\n\n\n\n<p>And just like that, the scammers have access to your important information.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"682\" src=\"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-ekaterina-bolovtsova-4049730.jpg?resize=1024%2C682&#038;ssl=1\" alt=\"woman using laptop receiving clone phishing email attack\" class=\"wp-image-28381\" srcset=\"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-ekaterina-bolovtsova-4049730.jpg?resize=1024%2C682&amp;ssl=1 1024w, https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-ekaterina-bolovtsova-4049730.jpg?resize=300%2C200&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-ekaterina-bolovtsova-4049730.jpg?resize=768%2C512&amp;ssl=1 768w, https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-ekaterina-bolovtsova-4049730.jpg?resize=1170%2C780&amp;ssl=1 1170w, https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-ekaterina-bolovtsova-4049730.jpg?resize=585%2C390&amp;ssl=1 585w, https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-ekaterina-bolovtsova-4049730.jpg?resize=263%2C175&amp;ssl=1 263w, https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-ekaterina-bolovtsova-4049730.jpg?w=1280&amp;ssl=1 1280w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Clone Phishing vs. Other Types of Phishing<\/h2>\n\n\n\n<p>Because most phishing scams have the same basic underlying principles, it\u2019s worth taking a look at how clone phishing varies from other popular phishing scams.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Spear Phishing<\/h3>\n\n\n\n<p>While clone phishing targets a large group of people within a specific audience (such as customers of a specific online retailer), spear phishing is targeted at specific individuals that scammers believe have more valuable information.\u00a0 These attacks require much more work, as messages and interactions need to be tailored to win a specific person&#8217;s trust.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Whaling<\/h3>\n\n\n\n<p>Whaling is essentially the same as spear phishing, but is used to refer to phishing attacks that specifically target C-suite executives.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Vishing<\/h3>\n\n\n\n<p>While Clone Phishing is an email-based phishing attack, <a href=\"https:\/\/www.spokeo.com\/compass\/protect-yourself-from-vishing-attacks\/\" target=\"_blank\" rel=\"noreferrer noopener\">vishing<\/a> is a voice-based phishing attack (voice + phishing = vishing).\u00a0 Vishing is conducted by calling potential victims in an attempt to get them to reveal private information.\u00a0 This often takes the form of scammers pretending to be from the bank in order to trick you into giving them your financial information.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Smishing<\/h3>\n\n\n\n<p>Because email phishing has become fairly common, email services have been able to step up their game and successfully filter out phishing attempts.\u00a0 That\u2019s why scammers have largely moved to smishing.\u00a0 Smishing (SMS + phishing) is a phishing attempt conducted via <a href=\"https:\/\/www.spokeo.com\/compass\/wrong-number-text-scam\/\" target=\"_blank\" rel=\"noreferrer noopener\">text messages<\/a> (SMS).\u00a0\u00a0<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"682\" src=\"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-resumegenius-18848928.jpg?resize=1024%2C682&#038;ssl=1\" alt=\"stressed woman victim of clone phising email scam\" class=\"wp-image-28382\" srcset=\"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-resumegenius-18848928.jpg?resize=1024%2C682&amp;ssl=1 1024w, https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-resumegenius-18848928.jpg?resize=300%2C200&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-resumegenius-18848928.jpg?resize=768%2C512&amp;ssl=1 768w, https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-resumegenius-18848928.jpg?resize=1170%2C780&amp;ssl=1 1170w, https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-resumegenius-18848928.jpg?resize=585%2C390&amp;ssl=1 585w, https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-resumegenius-18848928.jpg?resize=263%2C175&amp;ssl=1 263w, https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-resumegenius-18848928.jpg?w=1280&amp;ssl=1 1280w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">How to Spot a Clone Phishing Attempt<\/h2>\n\n\n\n<p>Because clone phishing involves exact copies of legitimate emails, it\u2019s hard to point to common words or phrases that suggest an email is actually a clone phishing attempt.\u00a0 Instead, you\u2019ll have to look for a few more detail-based signs that the email you just received is actually from a scammer.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Take a Close Look at the Sender\u2019s Email Address&nbsp;<\/h3>\n\n\n\n<p>One of the quickest and most effective ways to spot a phishing attempt is by taking a closer look at the sender\u2019s email address.\u00a0 They are often close to, but not the same as the legitimate sender\u2019s address.\u00a0 For example, they might use \u201ccust0merservice@amz0n.co\u201d instead of \u201ccustomerservice@amazon.com,\u201d the address might end in \u201c.co\u201d instead of \u201c.com,\u201d or any other subtle-but-telling differences.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Pay Attention to the URL Any Links Take You To&nbsp;<\/h3>\n\n\n\n<p>Like with the sender\u2019s email address, pay attention to the URL any links take you to by hovering your mouse over each link before clicking it (which will display the full URL in the bottom left-hand corner of your screen). Again, these are usually similar to the legit URL, but end in \u201c.co\u201d or \u201c.io\u201d instead of \u201c.com.\u201d<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Don\u2019t Be Fooled by \u201cUrgent\u201d Requests&nbsp;<\/h3>\n\n\n\n<p>Scammers know that the quicker you act, the less likely you\u2019ll be to notice red flags.\u00a0 That\u2019s why clone phishing scammers often use urgent-sounding emails, or even alter emails to use more urgent-sounding language.\u00a0 Any email that is pushing you to \u201cAct Now!\u201d should immediately get you into suspicion mode.\u00a0 It could be that your favorite brand really is having a super time-sensitive sale on your favorite product, but it\u2019s more likely that scammers are trying to get you to slip up.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Your Password Manager Isn\u2019t Fooled<\/h3>\n\n\n\n<p>With all the different accounts and logins that are required nowadays, lots of people use password managers.\u00a0 Not only do these services conveniently autofill your login information on websites, but they also won\u2019t be tricked by a fake domain.\u00a0 If you\u2019re noticing your username and password aren\u2019t being auto-filled on a website they normally do, take a look and make sure you are where you think you are.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Stay Safe&nbsp;<\/h2>\n\n\n\n<p>Phishing attempts are sadly not likely to go away anytime soon.\u00a0 In fact, it\u2019s almost certain that more varieties of crafty tricks will pop up in an attempt to gain access to your private information.\u00a0 The benefit you have is not only knowing about phishing, and thus being more aware, but also the fact that by being informed, you\u2019re more likely to naturally catch any phishing, smishing, vishing, whatever-else-ing attack.\u00a0 Remember, never click links from senders you don\u2019t know, always check that the sender is who they say they are, and always err on the side of caution when it comes to entering sensitive data.<\/p>\n\n\n\n<p><em>Cyrus Grant is a writer from Southern California with a background in law and dispute resolution. When he isn\u2019t writing he can be found deep-diving into the latest technology trends or simply spending time at the beach.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This sophisticated new version of phishing involves making near-exact copies of emails from businesses you trust. Here\u2019s what to know about clone phishing. <\/p>\n","protected":false},"author":152,"featured_media":28383,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[614],"tags":[],"class_list":["post-28380","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-safety"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>What is Clone Phishing? Everything to Know to Stay Safe | Spokeo<\/title>\n<meta name=\"description\" content=\"This sophisticated new version of phishing involves making near-exact copies of emails from businesses you trust. Here\u2019s what to know about clone phishing.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.spokeo.com\/compass\/what-is-clone-phishing-scam\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is Clone Phishing? Everything to Know to Stay Safe | Spokeo\" \/>\n<meta property=\"og:description\" content=\"This sophisticated new version of phishing involves making near-exact copies of emails from businesses you trust. Here\u2019s what to know about clone phishing.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.spokeo.com\/compass\/what-is-clone-phishing-scam\/\" \/>\n<meta property=\"og:site_name\" content=\"The Compass Blog | Digital Identity and People Search | Spokeo\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Spokeo\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-04-08T18:18:01+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-04-08T18:18:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.spokeo.com\/compass\/image\/pexels-tdcat-193003-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"853\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Cyrus Grant\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Spokeo\" \/>\n<meta name=\"twitter:site\" content=\"@Spokeo\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Cyrus Grant\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.spokeo.com\/compass\/what-is-clone-phishing-scam\/\",\"url\":\"https:\/\/www.spokeo.com\/compass\/what-is-clone-phishing-scam\/\",\"name\":\"What is Clone Phishing? Everything to Know to Stay Safe | Spokeo\",\"isPartOf\":{\"@id\":\"https:\/\/www.spokeo.com\/compass\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.spokeo.com\/compass\/what-is-clone-phishing-scam\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.spokeo.com\/compass\/what-is-clone-phishing-scam\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-tdcat-193003-1.jpg?fit=1280%2C853&ssl=1\",\"datePublished\":\"2025-04-08T18:18:01+00:00\",\"dateModified\":\"2025-04-08T18:18:05+00:00\",\"author\":{\"@id\":\"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/50dd3a291caf9cdec084519560cb03b9\"},\"description\":\"This sophisticated new version of phishing involves making near-exact copies of emails from businesses you trust. Here\u2019s what to know about clone phishing.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.spokeo.com\/compass\/what-is-clone-phishing-scam\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.spokeo.com\/compass\/what-is-clone-phishing-scam\/#primaryimage\",\"url\":\"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-tdcat-193003-1.jpg?fit=1280%2C853&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-tdcat-193003-1.jpg?fit=1280%2C853&ssl=1\",\"width\":1280,\"height\":853,\"caption\":\"How to Spot a Clone Phishing Attempt Because clone phishing involves exact copies of legitimate emails, it\u2019s hard to point to common words or phrases that suggest an email is actually a clone phishing attempt. Instead, you\u2019ll have to look for a few more detail-based signs that the email you just received is actually from a scammer. Take a Close Look at the Sender\u2019s Email Address One of the quickest and most effective ways to spot a phishing attempt is by taking a closer look at the sender\u2019s email address. They are often close to, but not the same as the legitimate sender\u2019s address. For example, they might use \u201ccust0merservice@amz0n.co\u201d instead of \u201ccustomerservice@amazon.com,\u201d the address might end in \u201c.co\u201d instead of \u201c.com,\u201d or any other subtle-but-telling differences. Pay Attention to the URL Any Links Take You To Like with the sender\u2019s email address, pay attention to the URL any links take you to by hovering yoru mouse over each link before clicking it (which will display the full URL in the bottom left-hand corner of your screen). Again, these are usually similar to the legit URL, but end in \u201c.co\u201d or \u201c.io\u201d instead of \u201c.com.\u201d Don\u2019t Be Fooled by \u201cUrgent\u201d Requests Scammers know that the quicker you act, the less likely you\u2019ll be to notice red flags. That\u2019s why clone phishing scammers often use urgent-sounding emails, or even alter emails to use more urgent-sounding language. Any email that is pushing you to \u201cAct Now!\u201d should immediately get you into suspicion mode. It could be that your favorite brand really is having a super time-sensitive sale on your favorite product, but it\u2019s more likely that scammers are trying to get you to slip up. Your Password Manager Isn\u2019t Fooled With all the different accounts and logins that are required nowadays, lots of people use password managers. Not only do these services conveniently autofill your login information on websites, but they won\u2019t be tricked by a fake domain. If you\u2019re noticing your username and password aren\u2019t being auto-filled on a website they normally do, take a look and make sure you are where you think you are. Stay Safe Phishing attempts are sadly not likely to go anywhere any time soon. In fact, it\u2019s almost certain that more varieties of crafty tricks will pop up in an attempt to gain access to your private information. The benefit you have is not only knowing about phishing, and thus being more aware, but also the fact that by being informed, you\u2019re more likely to naturally catch any phishing, smishing, vishing, whatever-else-ing attack. Remember, never click links from senders you don\u2019t know, always check that the sender is who they say they are, and always err on the side of caution when it comes to entering sensitive data. Cyrus Grant is a writer from Southern California with a background in law and dispute resolution. When he isn\u2019t writing he can be found deep-diving into the latest technology trends or simply spending time at the beach.\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.spokeo.com\/compass\/#website\",\"url\":\"https:\/\/www.spokeo.com\/compass\/\",\"name\":\"The Compass Blog | Digital Identity and People Search | Spokeo\",\"description\":\"The official Spokeo blog covers topics such as digital identity, consumer protection and privacy, how to avoid scams and catfishing, and more.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.spokeo.com\/compass\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/50dd3a291caf9cdec084519560cb03b9\",\"name\":\"Cyrus Grant\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e32ecc9ed7b8d37818763d645b1225412322bf356d410335172bd5b671dc1b02?s=96&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e32ecc9ed7b8d37818763d645b1225412322bf356d410335172bd5b671dc1b02?s=96&r=g\",\"caption\":\"Cyrus Grant\"},\"url\":\"https:\/\/www.spokeo.com\/compass\/author\/cgrant\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"What is Clone Phishing? Everything to Know to Stay Safe | Spokeo","description":"This sophisticated new version of phishing involves making near-exact copies of emails from businesses you trust. Here\u2019s what to know about clone phishing.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.spokeo.com\/compass\/what-is-clone-phishing-scam\/","og_locale":"en_US","og_type":"article","og_title":"What is Clone Phishing? Everything to Know to Stay Safe | Spokeo","og_description":"This sophisticated new version of phishing involves making near-exact copies of emails from businesses you trust. Here\u2019s what to know about clone phishing.","og_url":"https:\/\/www.spokeo.com\/compass\/what-is-clone-phishing-scam\/","og_site_name":"The Compass Blog | Digital Identity and People Search | Spokeo","article_publisher":"https:\/\/www.facebook.com\/Spokeo\/","article_published_time":"2025-04-08T18:18:01+00:00","article_modified_time":"2025-04-08T18:18:05+00:00","og_image":[{"width":1280,"height":853,"url":"https:\/\/www.spokeo.com\/compass\/image\/pexels-tdcat-193003-1.jpg","type":"image\/jpeg"}],"author":"Cyrus Grant","twitter_card":"summary_large_image","twitter_creator":"@Spokeo","twitter_site":"@Spokeo","twitter_misc":{"Written by":"Cyrus Grant","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.spokeo.com\/compass\/what-is-clone-phishing-scam\/","url":"https:\/\/www.spokeo.com\/compass\/what-is-clone-phishing-scam\/","name":"What is Clone Phishing? Everything to Know to Stay Safe | Spokeo","isPartOf":{"@id":"https:\/\/www.spokeo.com\/compass\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.spokeo.com\/compass\/what-is-clone-phishing-scam\/#primaryimage"},"image":{"@id":"https:\/\/www.spokeo.com\/compass\/what-is-clone-phishing-scam\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-tdcat-193003-1.jpg?fit=1280%2C853&ssl=1","datePublished":"2025-04-08T18:18:01+00:00","dateModified":"2025-04-08T18:18:05+00:00","author":{"@id":"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/50dd3a291caf9cdec084519560cb03b9"},"description":"This sophisticated new version of phishing involves making near-exact copies of emails from businesses you trust. Here\u2019s what to know about clone phishing.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.spokeo.com\/compass\/what-is-clone-phishing-scam\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.spokeo.com\/compass\/what-is-clone-phishing-scam\/#primaryimage","url":"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-tdcat-193003-1.jpg?fit=1280%2C853&ssl=1","contentUrl":"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-tdcat-193003-1.jpg?fit=1280%2C853&ssl=1","width":1280,"height":853,"caption":"How to Spot a Clone Phishing Attempt Because clone phishing involves exact copies of legitimate emails, it\u2019s hard to point to common words or phrases that suggest an email is actually a clone phishing attempt. Instead, you\u2019ll have to look for a few more detail-based signs that the email you just received is actually from a scammer. Take a Close Look at the Sender\u2019s Email Address One of the quickest and most effective ways to spot a phishing attempt is by taking a closer look at the sender\u2019s email address. They are often close to, but not the same as the legitimate sender\u2019s address. For example, they might use \u201ccust0merservice@amz0n.co\u201d instead of \u201ccustomerservice@amazon.com,\u201d the address might end in \u201c.co\u201d instead of \u201c.com,\u201d or any other subtle-but-telling differences. Pay Attention to the URL Any Links Take You To Like with the sender\u2019s email address, pay attention to the URL any links take you to by hovering yoru mouse over each link before clicking it (which will display the full URL in the bottom left-hand corner of your screen). Again, these are usually similar to the legit URL, but end in \u201c.co\u201d or \u201c.io\u201d instead of \u201c.com.\u201d Don\u2019t Be Fooled by \u201cUrgent\u201d Requests Scammers know that the quicker you act, the less likely you\u2019ll be to notice red flags. That\u2019s why clone phishing scammers often use urgent-sounding emails, or even alter emails to use more urgent-sounding language. Any email that is pushing you to \u201cAct Now!\u201d should immediately get you into suspicion mode. It could be that your favorite brand really is having a super time-sensitive sale on your favorite product, but it\u2019s more likely that scammers are trying to get you to slip up. Your Password Manager Isn\u2019t Fooled With all the different accounts and logins that are required nowadays, lots of people use password managers. Not only do these services conveniently autofill your login information on websites, but they won\u2019t be tricked by a fake domain. If you\u2019re noticing your username and password aren\u2019t being auto-filled on a website they normally do, take a look and make sure you are where you think you are. Stay Safe Phishing attempts are sadly not likely to go anywhere any time soon. In fact, it\u2019s almost certain that more varieties of crafty tricks will pop up in an attempt to gain access to your private information. The benefit you have is not only knowing about phishing, and thus being more aware, but also the fact that by being informed, you\u2019re more likely to naturally catch any phishing, smishing, vishing, whatever-else-ing attack. Remember, never click links from senders you don\u2019t know, always check that the sender is who they say they are, and always err on the side of caution when it comes to entering sensitive data. Cyrus Grant is a writer from Southern California with a background in law and dispute resolution. When he isn\u2019t writing he can be found deep-diving into the latest technology trends or simply spending time at the beach."},{"@type":"WebSite","@id":"https:\/\/www.spokeo.com\/compass\/#website","url":"https:\/\/www.spokeo.com\/compass\/","name":"The Compass Blog | Digital Identity and People Search | Spokeo","description":"The official Spokeo blog covers topics such as digital identity, consumer protection and privacy, how to avoid scams and catfishing, and more.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.spokeo.com\/compass\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/50dd3a291caf9cdec084519560cb03b9","name":"Cyrus Grant","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.spokeo.com\/compass\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/e32ecc9ed7b8d37818763d645b1225412322bf356d410335172bd5b671dc1b02?s=96&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e32ecc9ed7b8d37818763d645b1225412322bf356d410335172bd5b671dc1b02?s=96&r=g","caption":"Cyrus Grant"},"url":"https:\/\/www.spokeo.com\/compass\/author\/cgrant\/"}]}},"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.spokeo.com\/compass\/image\/pexels-tdcat-193003-1.jpg?fit=1280%2C853&ssl=1","jetpack_shortlink":"https:\/\/wp.me\/p8V62u-7nK","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/posts\/28380","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/users\/152"}],"replies":[{"embeddable":true,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/comments?post=28380"}],"version-history":[{"count":1,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/posts\/28380\/revisions"}],"predecessor-version":[{"id":28384,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/posts\/28380\/revisions\/28384"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/media\/28383"}],"wp:attachment":[{"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/media?parent=28380"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/categories?post=28380"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.spokeo.com\/compass\/wp-json\/wp\/v2\/tags?post=28380"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}