Comprehensive List of User Deception Techniques in Emails
It provides a modular reference for researchers and practitioners developing countermeasures against email deception, though it is incremental as it builds on prior literature.
The paper tackles the problem of email-based deception by compiling a structured list of 42 techniques with 64 example implementations, focusing on sender, link, attachment, and rendering aspects without evaluating effectiveness.
Email remains a central communication medium, yet its long-standing design and interface conventions continue to enable deceptive attacks. This research note presents a structured list of 42 email-based deception techniques, documented with 64 concrete example implementations, organized around the sender, link, and attachment security indicators as well as techniques targeting the email rendering environment. Building on a prior systematic literature review, we consolidate previously reported techniques with newly developed example implementations and introduce novel deception techniques identified through our own examination. Rather than assessing effectiveness or real-world severity, each entry explains the underlying mechanism in isolation, separating the high-level deception goal from its concrete technical implementation. The documented techniques serve as modular building blocks and a structured reference for future work on countermeasures across infrastructure, email client design, and security awareness, supporting researchers as well as developers, operators, and designers working in these areas.