Cyber Security Training & Software for Companies | MetaCompliance


Discover our suite of personalised Security Awareness Training solutions, designed to empower and educate your team against modern cyber threats. From policy management to phishing simulations, our platform equips your workforce with the knowledge and skills needed to safeguard your organisation.

Cyber Security eLearning

Cyber Security eLearning to Explore our Award-Winning eLearning Library, Tailored for Every Department

Security Awareness Automation

Schedule Your Annual Awareness Campaign In A Few Clicks

Phishing Simulation

Stop Phishing Attacks In Their Tracks With Award-Winning Phishing Software

Policy Management

Centralise Your Policies In One Place And Effortlessly Manage Policy Lifecycles

Privacy Management

Control, Monitor, and Manage Compliance with Ease

Incident Management

Take Control Of Internal Incidents And Remediate What Matters



Explore the versatility of our solutions across diverse industries. From the dynamic tech sector to healthcare, delve into how our solutions are making waves across multiple sectors. 

Financial Services

Creating A First Line Of Defence For Financial Service Organisations


A Go-To Security Awareness Solution For Governments


A Security Awareness Training Solution For Large Enterprises

Remote Workers

Embed A Culture Of Security Awareness - Even At Home

Education Sector

Engaging Security Awareness Training For The Education Sector

Healthcare Workers

See Our Tailored Security Awareness For Healthcare Workers

Tech Industry

Transforming Security Awareness Training In The Tech Industry

NIS2 Compliance

Support Your Nis2 Compliance Requirements With Cyber Security Awareness Initiatives



From posters and policies to ultimate guides and case studies, our free awareness assets can be used to help improve cyber security awareness within your organisation.

Cyber Security Awareness For Dummies

An Indispensable Resource For Creating A Culture Of Cyber Awareness

Dummies Guide To Cyber Security Elearning

The Ultimate Guide To Implementing Effective Cyber Security Elearning

Ultimate Guide To Phishing

Educate Employees About How To Detect And Prevent Phishing Attacks

Free Awareness Posters

Download These Complimentary Posters To Enhance Employee Vigilance

Anti Phishing Policy

Create A Security-Conscious Culture And Promote Awareness Of Cyber Security Threats

Case Studies

Hear How We’re Helping Our Customers Drive Positive Behaviour In Their Organisations

A-Z Cyber Security Terminology

A Glossary Of Must-Know Cyber Security Terms

Cyber Security Behavioural Maturity Model

Audit Your Awareness Training And Benchmark Your Organisation Against Best Practice

Free Stuff

Download Our Free Awareness Assets To Improve Cyber Security Awareness In Your Organisation

MetaCompliance | Cyber Security Training & Software for Employees


With 18+ years of experience in the Cyber Security and Compliance market, MetaCompliance provides an innovative solution for staff information security awareness and incident management automation. The MetaCompliance platform was created to meet customer needs for a single, comprehensive solution to manage the people risks surrounding Cyber Security, Data Protection and Compliance.

Why Choose Us

Learn Why Metacompliance Is The Trusted Partner For Security Awareness Training

Employee Engagement Specialists

We Make It Easier To Engage Employees And Create a Culture of Cyber Awareness

Security Awareness Automation

Easily Automate Security Awareness Training, Phishing And Policies In Minutes


Meet the MetaCompliance Leadership Team


Stay informed about cyber awareness training topics and mitigate risk in your organisation.

How to Spot Phishing Emails: Recognizing Common Words and Terminology

How to Spot Phishing Emails: Common Words and Terminology

about the author

Share this post

Knowing how to spot phishing emails is crucial in today’s digital landscape, as cybercriminals will stoop to the lowest levels to carry out their attacks. For instance, recent weeks have seen mass phishing campaigns targeting the Ukrainian military and their families. Similarly, when the Covid-19 pandemic swept the globe, phishers exploited the situation by inundating people with spam emails. Despite varying themes, these campaigns often employ common words and phrases aimed at deceiving individuals into unwittingly aiding the fraudsters.

The thing that phishing campaigns have in common, however, is the language that is used to trick people into doing the fraudster’s bidding. The themes may differ, but common words and phrases are used across phishing email campaigns.

The Language of Phishing Emails and ‘Spontaneous Action’

When educating anyone about phishing scams, the language of the phisher is important to learn. Phishing attacks rely on communication as a vehicle to set up a scam. As such, the fraudster(s) behind the phishing email will configure the content of the email to encourage the recipient to perform certain actions.

This is a psychological trick that requires an emotional connection with the recipient and the email content. Language and emotion are well-understood drivers of behaviour. Take proverbs as an example: “Keep Calm and Carry On” was one of three similar sayings created as a campaign by the Ministry of Information (MOI) in 1939 in the event of war to “balance a ‘steadying influence’ with an incitement to ‘spontaneous’ action”.

Language matters: this universal truth about human behaviour is not lost on fraudsters who use it in their phishing email campaigns to incite their version of ‘spontaneous action’.

How to Spot Phishing Emails: Phishing Email Terminology

Knowing how to spot phishing emails is crucial in safeguarding yourself online. Before delving into the utilization of common words found in phishing emails, it’s essential to grasp the phishing terminology. This lexicon serves to classify the different types of email phishing tactics. Among the most prevalent are:

Spear-phishing: targeted fraudulent email campaigns that are designed from surveillance and intelligence carried out on the target organisation. This helps to develop highly believable emails; the wording is typically targeted and uses the first name of the target to engage and develop trust.

These emails usually focus on individuals with privileged access to resources, such as system administrators. The common words used will engage with that specific person within their privileged role and will typically use emotion, such as urgency.

Email phishing campaigns: more generalised phishing campaigns that send out malicious emails to trick general users/employees into divulging personal information, including usernames, phone numbers, and credit card information. The emails use common words and contexts, such as urgency to trick the recipient into clicking a malicious link or downloading an infected attachment. The link typically goes to a spoof website or online app that then attempts to steal login credentials and/or personal data.

Business Email Compromise (BEC): often uses spear-phishing emails to begin the attack that ends in company money being transferred to a cybercriminal’s bank account.

Context and Common Words in Phishing Emails

Various organisations look at the type of common words and tactics used in email phishing campaigns. One such organisation is the Anti-Phishing Working Group (APWG). The APWG keeps a watch on the types of phishing activity happening across the world. As well as tracking popular brands that are spoofed, and phishing website domain registrations, the group also looks at trends in phishing email subjects.

A research paper from APWG looked at common themes, spoof URLs and keywords used in email phishing campaigns during the Covid-19 pandemic and related events. The researchers found that a common phrase used in phishing emails related to the pandemic was “expires in 2 days” used to encourage a sense of urgency.

The paper concludes: “From our deep dive into the content of corona-related phishing websites, we noted the importance of human factors and how attackers exploit individuals’ pandemic-driven wants and needs. Hence, it is critical to quickly educate people to better understand social engineering attacks so that they can protect themselves when technical mitigations fail to do so.”

Researchers have also identified the most common words used in phishing emails. For example, the top five according to a US-focused report are:

  1. Label
  2. Invoice
  3. Post

Arguably, these words are common in legitimate as well as illegitimate emails. Both the research from APWG and the most common words research led to the conclusion that words PLUS context is important in Security Awareness Training.

Context and Common Themes in Phishing Emails

Spam emails depend on context and common themes, as well as the wording. Some of the most common themes are:

Urgency, e.g., “Your account password has expired, please update your password now to maintain access to Office 365”

Fear of missing out (FOMO), e.g., “don’t miss out on this once in a lifetime offer…”: Research has shown that FOMO can be highly effective in email phishing campaigns.

Emotion, e.g., “we have recorded you while you were using a porn website…” this tactic is often used in sexploitation phishing campaigns

Authority (and urgency), e.g., “John, can you urgently process this wire to our latest supplier. If not done today, we will lose a large order” – the email will typically be signed by the CEO. In a company people in authority may have their email addresses spoofed to carry out Business Email Compromise and spear-phishing attacks.

How to Spot Phishing Emails: Some Examples of Common Words Used in Phishing Emails

Research and experience have shown that certain common words are used in phishing scams across campaigns, indicating how to spot phishing emails. Some of the most common phishing keywords include:

Message subject line examples:

  • Urgent
  • Verification required!
  • Invoice
  • Need urgent help!
  • Suspicious Outlook activity
  • Important! Your password is about to expire
  • Action required…

Body content examples:

  • A vulnerability has been identified in [app name here].
  • To perform verification, click the link [a direct link or hyperlink button]
  • Here is the new invoice for this week’s activities [click to access, name of app]
  • [A spoof message from tech support] Please click here to install the latest [name of app]
  • Your [name of app] account has been locked for security reasons, click here to unlock your account [a direct link or hyperlink button]

Current events may adjust some of the wording used in the subject line or the body content of a phishing email, but the tone and common keywords will likely be similar or the same.

How to Spot Phishing Emails? Keep Calm and Carry On

Educating your employees about the common words used in phishing emails, as well as understanding the different terminologies of phishing attacks, is crucial in helping them identify a spoof email before they click a malicious link or download an infected attachment. Recognizing that the language of spam emails often revolves around common themes and related words is key in this process of learning how to spot phishing emails. This knowledge serves as an Achilles heel for fraudsters, empowering individuals to stay vigilant and protect themselves against cyber threats.

Risk of ransomware

Other Articles on Cyber Security Awareness Training You Might Find Interesting