Credential Harvesting Module

A credential harvesting email tries to trick you into typing sensitive information into a fake website or replying with it directly. Forensic-Email scans the email body for language that explicitly requests sensitive data, using verb-anchored patterns to minimize false positives.

• Password
  The email asks you to enter, provide, or share your password. No legitimate service will ask for your password via email.

• Social Security Number
  The email asks you to provide your Social Security number (SSN) or Social Insurance number (SIN). Legitimate organizations that need your SSN have established, secure ways of collecting it that do not involve email requests.

• Credit / Debit Card
  The email asks you to enter or confirm your credit card or debit card number, including card verification codes (CVV/CVC) or expiration dates. Legitimate payment services never request card numbers over email.

• OTP / Verification Code
  The email asks you to share a one-time password, verification code, PIN, or authentication token sent to your phone or authenticator app. Legitimate services never ask you to share these codes — sharing one hands full access to an attacker.

• PIN
  The email asks you to provide or confirm a PIN number. PINs are personal security codes that should never be shared or transmitted over email.

• Bank Account
  The email asks you to enter or confirm your bank account number or routing number. Legitimate banks and payment services do not collect account details via email.