Imagine receiving an email that appears to come from your university. The email claims there has been suspicious activity detected on your student account and asks you to log in immediately using a provided link.
The email may:
- Use official logos
- Copy the university’s writing style
- Include urgent language
- Threaten account suspension
If the victim clicks the link and enters their password, the attacker may gain access to the account.
This is a common example of phishing and demonstrates how attackers exploit trust and urgency rather than technical vulnerabilities.