What is clone phishing?

Clone **phishing** recreates legitimate messages with malicious modifications. Attackers copy real emails you've received, replace links or attachments with malicious versions, and re-send claiming updated information or corrections.

Effectiveness comes from familiarity. Recipients recognize the email format and content from previous legitimate communication. The "updated" version seems plausible. Attackers may compromise accounts to access original messages.

Detection clues: requests to "re-click" or "try again," claims of updated links or attachments, and slight inconsistencies with the original. Training users to be suspicious of duplicated communications helps defense.