Clone Phishing: What It Is and How to Protect Yourself

Duplicate emails are rare; pay close attention if you receive one

Cloning is the act of making an identical copy of something. In clone phishing, an attacker takes a legitimate email that was actually delivered and produces a nearly identical copy of it, altered so that it defrauds the people who receive it.

What is Clone Phishing?

Most people are familiar with phishing emails. Clone phishing is an email scam that differs from standard phishing emails in a few key ways:

  • A previously delivered email from a legitimate source is copied and reused in the attack.
  • The original attachments or links are swapped for malicious ones.
  • The original sender's address is spoofed so the cloned email appears to come from that sender.
  • The new email usually claims to be a re-send or an updated version of the original.

How to Recognize a Clone Phishing Attack

[Illustration: a conceptual illustration of a clone phisher. Lifewire / Theresa Chiechi]

In these attacks, scammers count on the reader accepting the email as genuine. The sender line looks right because the address has been spoofed, and the body matches the email you recently received from that person.

The only differences are in the attachment or the links, which the new email claims are simply updates to the earlier one. Hovering over a link to see its real destination, or comparing the attachment's name and type with the original, is often the only way to spot the clone.

Never reply to an email you think might have been cloned. Your response will go directly to the attacker who will, of course, verify the second email is real.
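As an added example that is not code from the original article: the Python script below compares a suspected clone against the legitimate email it imitates, using only the standard library. Both messages are constructed samples on reserved example domains (example.org stands in for the attacker's infrastructure); the script pulls out the fields a clone has to change (envelope sender, Reply-To, authentication results, link destinations, attachment names) and reports what differs.

```python
"""Compare a suspected clone email against the original it imitates."""
import re
from email import policy
from email.parser import BytesParser
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s<>\"')\]]+")

# Constructed sample messages (not real mail). Reserved example domains are
# used throughout; example.org stands in for the attacker's infrastructure.
ORIGINAL = b"""\
Return-Path: <billing@example.com>
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com
From: "Example Bank Billing" <billing@example.com>
To: customer@example.net
Subject: Your March statement is ready
Content-Type: text/plain; charset=utf-8

Hello,

Your March statement is available at https://www.example.com/statements/march

Regards,
Example Bank Billing
"""

CLONE = b"""\
Return-Path: <billing@example.org>
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=example.org; dkim=none
From: "Example Bank Billing" <billing@example.com>
Reply-To: billing-support@example.org
To: customer@example.net
Subject: Re-send: Your March statement is ready (updated link)
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset=utf-8

Hello,

Our earlier message had an outdated link. Your March statement is available at
https://www-example-com.example.org/statements/march

Regards,
Example Bank Billing
--b1
Content-Type: application/zip; name="statement.zip"
Content-Disposition: attachment; filename="statement.zip"
Content-Transfer-Encoding: base64

UEsDBBQAAAAIAA==
--b1--
"""


def header(msg, name: str) -> str:
    """Return a header as a plain string, or "" when it is absent."""
    value = msg[name]
    return str(value).strip() if value is not None else ""


def summarize(raw: bytes) -> dict:
    """Extract the fields that change between a legitimate email and its clone."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    links, attachments = set(), set()
    for part in msg.walk():
        if part.is_multipart():
            continue
        if part.get_filename():
            attachments.add(part.get_filename())
        elif part.get_content_type() in ("text/plain", "text/html"):
            links.update(URL_RE.findall(part.get_content()))
    return {
        "from": header(msg, "From"),
        "reply_to": header(msg, "Reply-To"),
        "return_path": header(msg, "Return-Path"),
        "auth": header(msg, "Authentication-Results"),
        "links": links,
        "attachments": attachments,
    }


def compare(original_raw: bytes, suspect_raw: bytes) -> dict:
    """Report what the suspect message changed relative to the original."""
    orig, susp = summarize(original_raw), summarize(suspect_raw)
    new_links = susp["links"] - orig["links"]
    known_hosts = {urlsplit(u).hostname for u in orig["links"]}
    return {
        # Identical visible From line is exactly what a clone preserves.
        "same_from": orig["from"] == susp["from"],
        # A different envelope sender behind the same From line means spoofing.
        "return_path_changed": orig["return_path"] != susp["return_path"],
        "reply_to_changed": orig["reply_to"] != susp["reply_to"],
        # Only trust this header when your own receiving mail server added it.
        "dkim_pass": "dkim=pass" in susp["auth"],
        "new_links": sorted(new_links),
        "new_hosts": sorted({urlsplit(u).hostname for u in new_links} - known_hosts),
        "new_attachments": sorted(susp["attachments"] - orig["attachments"]),
    }


def is_suspicious(report: dict) -> bool:
    """A clone keeps the visible From line but swaps the parts that matter."""
    swapped = (report["new_hosts"] or report["new_attachments"]
               or report["return_path_changed"] or report["reply_to_changed"]
               or not report["dkim_pass"])
    return bool(report["same_from"] and swapped)


if __name__ == "__main__":
    report = compare(ORIGINAL, CLONE)
    for key, value in report.items():
        print(f"{key:22} {value}")
    print("suspicious:", is_suspicious(report))
```

On the constructed samples the From line is unchanged while the Return-Path, Reply-To, DKIM result, link host and attachment all differ, which is the pattern the article describes. One caveat: an Authentication-Results header can itself be forged by the sender, so treat it as evidence only when it was added by your own receiving mail server (the authserv-id at the start of the header, mx.example.net in the samples, should be yours).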

How to Protect Yourself from a Phishing Email

If you do see the differences above, your first line of defense is to contact the original sender through a channel the suspicious email did not supply: a fresh message to the address you already have on file, or a phone call. Ask them to confirm they sent the second email. If they did not, take the following steps to protect yourself:

  1. Change your passwords, starting with the email account that received the original message. To clone an email, the attacker needed a copy of it, which usually means an email account (yours, the sender's, or another recipient's) or a system in between was compromised.

    Utilities, streaming services, and other online accounts hold sensitive information about you; the goal is to stop the scammer from learning more about you or getting into any of those accounts. Since you don't know where the copy came from, also change the password on any account that shares a password with your email, and turn on two-factor authentication wherever it is offered.

  2. Never click links or attachments in emails until you have confirmed them with the original sender or were expecting the email.

  3. Don't download anything an email suggests. Instead, look for the app in a trusted app store to get the download or, again, confirm with the original sender that the download is legitimate.

  4. Keep your antivirus program and browser up to date so they can flag malicious links and attachments. Many clone phishing campaigns lead to fake websites, and current security software and browser phishing filters can warn you if you do click the link.

What to Do If You Are a Victim of Clone Phishing

If you believe you have received a cloned email at work, immediately contact your IT or security team for further guidance. If you were attacked via personal email, report the scam immediately to the proper authorities.

Next, determine whether malware was installed or whether the attackers obtained personal information that could be used to steal funds or open financial accounts in your name. There are several steps you can take to protect yourself from further harm.

How to Avoid Becoming a Scam Victim Again

It's unfortunate, but the safest rule is to treat every unexpected message with suspicion, even one that appears to come from someone you know, since clone phishing relies on exactly that trust. There are a variety of red flags you can watch for to identify internet scams.

Additionally, get up to speed on what other types of scams look like so you can avoid them. Pharming, for example, sends users to fake websites by tampering with DNS or a computer's hosts file rather than through an emailed link, and those sites then harvest personal and financial information.

There are a wide variety of online scams out there; use caution and vigilance with every email and every website.