Comprehensive List of User Deception Techniques in Emails

TL;DR

This paper provides a structured, comprehensive list of 42 email deception techniques with 64 examples, serving as a reference for developing countermeasures and understanding email-based deception mechanisms.

Contribution

It consolidates existing techniques, introduces new ones, and organizes them systematically to aid future research and security improvements in email communication.

Findings

Compiled 42 deception techniques with 64 examples.

Organized techniques around sender, link, attachment, and rendering indicators.

Separated deception goals from technical implementations for clarity.

Abstract

Email remains a central communication medium, yet its long-standing design and interface conventions continue to enable deceptive attacks. This research note presents a structured list of 42 email-based deception techniques, documented with 64 concrete example implementations, organized around the sender, link, and attachment security indicators as well as techniques targeting the email rendering environment. Building on a prior systematic literature review, we consolidate previously reported techniques with newly developed example implementations and introduce novel deception techniques identified through our own examination. Rather than assessing effectiveness or real-world severity, each entry explains the underlying mechanism in isolation, separating the high-level deception goal from its concrete technical implementation. The documented techniques serve as modular building blocks and a structured reference for future work on countermeasures across infrastructure, email client design, and security awareness, supporting researchers as well as developers, operators, and designers working in these areas.