Greed-Based Phishing Examples: How Scammers Use Tempting Offers
Greed-based phishing scams promise huge rewards to trick victims into revealing sensitive data. From fake lottery wins to exclusive discounts, these attacks are highly deceptive. Explore real-world cases and how to protect yourself with AI-driven security training.
2025-03-12
'%3e%3cpath%20d='M4%204L15.733%2020H20L8.267%204H4Z'%20stroke='%230671C0'%20stroke-width='2'%20stroke-linecap='round'%20stroke-linejoin='round'/%3e%3cpath%20d='M4%2020L10.768%2013.232M13.228%2010.772L20%204'%20stroke='%230671C0'%20stroke-width='2'%20stroke-linecap='round'%20stroke-linejoin='round'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0_8149_16006'%3e%3crect%20width='24'%20height='24'%20fill='white'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e)
'%3e%3cpath%20d='M5.37214%2023.8745H0.396429V8.10162H5.37214V23.8745ZM2.88161%205.95006C1.29054%205.95006%200%204.65279%200%203.08658C1.13882e-08%202.33427%200.303597%201.61278%200.844003%201.08082C1.38441%200.548853%202.11736%200.25%202.88161%200.25C3.64586%200.25%204.3788%200.548853%204.91921%201.08082C5.45962%201.61278%205.76321%202.33427%205.76321%203.08658C5.76321%204.65279%204.47214%205.95006%202.88161%205.95006ZM23.9946%2023.8745H19.0296V16.1963C19.0296%2014.3665%2018.9921%2012.0198%2016.4427%2012.0198C13.8557%2012.0198%2013.4593%2014.0079%2013.4593%2016.0645V23.8745H8.48893V8.10162H13.2611V10.2532H13.3307C13.995%209.01393%2015.6177%207.70611%2018.0386%207.70611C23.0743%207.70611%2024%2010.9704%2024%2015.2102V23.8745H23.9946Z'%20fill='%230671C0'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0_3867_24588'%3e%3crect%20width='24'%20height='27'%20fill='%234A4D53'%20transform='translate(0%200.25)'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e)
'%3e%3cpath%20d='M13.957%2014.75L14.668%2010.0848H10.2225V7.05745C10.2225%205.78115%2010.8435%204.53707%2012.8345%204.53707H14.8555V0.565174C14.8555%200.565174%2013.0215%200.25%2011.268%200.25C7.60703%200.25%205.21403%202.48441%205.21403%206.52931V10.0848H1.14453V14.75H5.21403V26.0278H10.2225V14.75H13.957Z'%20fill='%230671C0'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='clip0_3867_24590'%3e%3crect%20width='16'%20height='25.7778'%20fill='%234A4D53'%20transform='translate(0%200.25)'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e)
Every day, 160 billion spam emails are sent, making up 46% of the 347 billion daily emails. Many of these emails are phishing attacks, designed to trick recipients into revealing sensitive information. Among phishing tactics, greed-based phishing is one of the most effective, taking advantage of people's desire for money, discounts, or rewards. Attackers use fake lottery winnings, high-return investments, and refund scams to tempt victims into clicking malicious links or sharing financial details.
This blog will explain how greed-based phishing works and why it is so effective. We will look at five real-world phishing examples that take advantage of financial temptation, explore the psychological tricks scammers use, and explain how organizations can protect themselves using security awareness training and phishing simulations.
What Are Greed-Based Phishing Attacks?
Greed-based phishing attacks trick people by exploiting their desire for money or rewards. Scammers send emails or messages promising lottery winnings, exclusive discounts, or high-return investments to make victims act quickly without thinking.
For example, an email saying, "Congratulations! You’ve won a $10,000 prize" is designed to create excitement and push the recipient to click a malicious link or share personal information without verifying the source.
These scams rely on impulsive reactions, making them highly effective. Recognizing and avoiding such tricks is key to staying safe online.
5 Phishing Examples with Greed-Based Tactics
Cybercriminals take advantage of people's desire for easy money, exclusive deals, and financial rewards to carry out phishing scams. By creating false promises and time-sensitive offers, they pressure victims into acting without verifying legitimacy. Below are five real-world examples of how scammers use deceptive tactics to steal personal and financial information.
1. Fake Lottery Winnings Phishing Scam
Scammers send emails or texts claiming the recipient has won a lottery or sweepstakes, even if they never entered one. To claim the prize, victims are told to provide personal details, such as banking information, or pay a small fee for "processing" or "taxes". In reality, there is no prize—these scams exploit excitement and create urgency, tricking victims into acting before they can think critically.
Below is an example of how attackers use fake lottery emails to deceive victims.
To learn about even more sophisticated phishing tactics, check out Keepnet's guide on 6 Shocking Advanced Phishing Attack Examples in 2025.
2. Exclusive Discounts or Coupons Phishing Emails
Scammers send fake emails promising huge discounts or free coupons for popular brands. Victims click on malicious links to claim the offer, unknowingly giving away login credentials or downloading malware onto their devices. These scams take advantage of people looking for great deals, making them easy targets.
One common example is the exclusive discount scam, where victims receive emails offering limited-time deals—see the example below.
3. Get-Rich-Quick Investment Phishing Schemes
Scammers pose as financial advisors or investment firms, promising huge profits with little to no risk. Victims, attracted by the promise of easy money, are tricked into sharing banking details or transferring funds to fraudulent accounts. In reality, the investments don’t exist, and the scammers disappear with the money.
One common example is the exclusive investment opportunity scam, where victims receive emails offering a high-return investment deal—see below.
4. Limited-Time Offers Phishing Examples
Scammers send emails promoting “limited-time” sales or exclusive deals, pressuring recipients to act immediately before the offer expires. This tactic creates urgency and fear of missing out (FOMO), making victims more likely to click malicious links or enter personal and financial information without verifying the source.
One common example is the exclusive offer scam, where victims receive emails advertising "80% off best-selling products"—see below.
5. Fake Refund or Compensation Phishing Attacks
Scammers pose as banks, retailers, or government agencies, falsely claiming the recipient is eligible for a refund or compensation. Victims are asked to provide bank account details or click on malicious links to "receive their money." In reality, there is no refund—these scams are designed to steal personal and financial information.
One common example is the refund notification scam, where victims receive emails stating they are owed a refund due to an overpayment or error—see the example below.
Behavioral Psychology Behind Greed-Based Phishing Examples
Greed-based phishing manipulates emotions like excitement, urgency, and the desire for financial gain to trick victims into acting without thinking. When people see an offer that appears highly rewarding, they often ignore warning signs and fall for the scam.
Scammers exploit cognitive biases such as optimism bias (believing they are lucky and won’t be scammed) and loss aversion (fear of missing out on a great opportunity). These tactics make greed-based phishing highly effective. The University of Cambridge’s Psychology of Phishing Study provides deeper insights into how these psychological tricks influence decision-making.
Real Cases of Greed-Based Phishing Scams
Examining real-life incidents reveals how greed-based phishing scams exploit people’s desire for financial gain, often leading to financial loss and identity theft. Below are three recent cases that demonstrate the risks of falling for fraudulent offers.
Fake Lottery Winnings Scam
In late 2024, a Maryland resident, Thomas Johnson, received a letter claiming he had won a $450,000 lottery prize. The letter included a check and instructions to pay taxes upfront using a debit or credit card—a clear red flag of a scam. Legitimate lotteries never ask winners to pay fees upfront. This case highlights how lottery scams trick victims into providing personal and financial information, resulting in major financial losses. (Source: The Sun)
Exclusive Discounts Phishing Emails
In December 2024, residents of Jacksonville's Blackhawk Bluff neighborhood fell victim to a fraudulent Groupon scam. Scammers listed fake discounted tickets for the neighborhood’s annual free Christmas light show, misleading people into thinking they had to pay $16 per ticket. The event had always been free, making this scam an example of how cybercriminals use fake discount offers to steal money and damage trust in online platforms. (Source: The Sun)
How Keepnet Protects Against Greed-Based Phishing
Keepnet Human Risk Management offers advanced tools and training to help organizations defend against greed-based phishing scams. By simulating real-world attacks and educating employees, Keepnet helps reduce human risk and strengthen overall security.
AI-Powered Phishing Simulations
Keepnet’s Phishing Simulator helps organizations reduce social engineering risks by mimicking real-world phishing scams, such as fake lottery winnings and exclusive discounts. These AI-driven simulations adapt to employee behavior, training them to identify and report phishing attempts—increasing phishing reporting rates by up to 92%.
Customized Security Awareness Training
Keepnet’s Security Awareness Training provides personalized learning based on employee behavior. It includes:
- Interactive training modules to address greed-based phishing risks.
- Gamification and leaderboards to boost engagement.
- Behavioral nudges that encourage cautious decision-making.
Phishing Risk Score & High-Risk User Identification
Keepnet assigns a Phishing Risk Score to employees based on their responses to phishing simulations. Organizations can:
- Identify employees most vulnerable to scams.
- Provide additional training for high-risk individuals.
- Strengthen security awareness across different departments.
To learn more about how phishing risk scores help improve security, read Keepnet guide on Creating a Phishing Risk Score for Employees.
Incident Response
Keepnet’s Incident Responder empowers employees to report phishing emails instantly using the Phishing Reporter add-in. The system then:
- Analyzes threats with 20+ security engines, including Sandbox, Antivirus, and Threat Intelligence.
- Integrates with SOAR solutions like Palo Alto XSOAR, IBM Resilience, and Splunk for faster response.
- Uses AI to detect and stop zero-day phishing attacks.
- Investigates and removes phishing emails across 7,500 inboxes in 5 minutes.
- Works seamlessly with Office 365, Google Workspace, and Exchange servers.
- Ensures data privacy and scans archived emails for hidden threats.
With AI-driven automation and seamless integration, Keepnet helps organizations detect, analyze, and neutralize phishing threats quickly.
Executive Reporting with Actionable Insights
Keepnet tracks phishing resilience, employee engagement, and risk levels. Detailed executive reports provide organizations with:
- Clear insights into employee vulnerabilities.
- Data-driven strategies to improve security awareness.
- Benchmarks to measure progress over time.
To see how organizations assess and manage phishing risks at an executive level, read Keepnet's article on Executive Reports: Companies with the Highest Risk Scores.
By integrating simulations, training, and risk analysis, Keepnet helps organizations proactively defend against greed-based phishing threats before they cause damage.
Prevention and Response Strategies
To prevent greed-based phishing attacks, organizations should:
- Recognize Red Flags by watching for emails promising unrealistic rewards, urgent actions, or containing suspicious senders, poor grammar, or unverified links.
- Pause and Verify offers directly with the organization or consult IT/security teams if unsure.
- Strengthen Security Measures using multi-factor authentication (MFA) and email filtering to block phishing attempts.
- Train with Simulations by testing employees with realistic phishing scenarios like fake discounts and using gamification and leaderboards to boost awareness.
A mix of training, security tools, and phishing simulations helps reduce phishing risks effectively.
Learn how to spot common phishing tactics with our How to Spot Phishing Emails | A Comprehensive Guide.
Industry-Specific Risks
Greed-based phishing scams often target specific industries with tailored tactics:
- Finance: Fake investment opportunities promising high returns.
- Retail: Fraudulent coupons and exclusive sales designed to steal payment details.
- Corporate: Phishing emails offering fake bonuses or incentives to employees.
Organizations must adapt security measures to these industry-specific threats for better protection. Discover how to build a stronger defense with Keepnet's guide on AI-Powered Hyper-Personalized Security Awareness Program: A Strategic Guide for Organizations.
Strengthening Security Against Greed-Based Phishing
Greed-based phishing attacks exploit the desire for financial gain, making them highly effective. Recognizing suspicious offers, staying cautious, and using advanced security tools can help prevent these scams.
Organizations can reduce cybersecurity risks by using phishing simulations, behavior-based security training, and real-time threat monitoring. Training employees to spot phishing tactics and equipping them with automated reporting tools enhances protection against evolving threats.
For a comprehensive approach to managing human risk and strengthening security, check out the Keepnet Human Risk Management Platform.
For more phishing techniques, check out following articles:
- Fear-Based Phishing Examples: Scams That Exploit Anxiety and Panic
- Curiosity-Based Phishing Examples: Tricks That Spark Your Interest.
SHARE ON