Crazypatterns logo Crazypatterns logo
CrazyPatterns
Your creative ideas
Quick to Target
Browse Categories
Community & Help

Crazypatterns — Email Security: Identify Phishing & Verify Emails

Overview

Quick summary first: We keep our email-sending infrastructure technically up to date and explain below how you can verify whether an email from Crazypatterns is genuine. You’ll also find current figures and trends on phishing/spam.

1) What we do at Crazypatterns is state of the art

  • Authenticated sender domain: Our emails are protected with SPF (authorized sending servers) and DKIM (cryptographic signatures) and are monitored via DMARC. In many email clients, you’ll find this under Authentication-Results; legitimate emails usually show spf=pass, dkim=pass, and dmarc=pass. (IETF Datatracker, Google Help)
  • No data harvesting: We never ask for passwords, payment information, authentication codes, or similar via email.
  • Attachments and content: We don’t send .zip/.exe attachments, and we don’t deliver instructions as email attachments.
  • Domain clarity: Our links point to https://www.crazypatterns.net, and sender addresses end with @crazypatterns.net (watch out for look-alike domains).
  • How to report suspicious emails: Don’t click links or download attachments. If needed, open our website manually in your browser and forward suspicious emails, including full headers, to Support — we’ll review and block abusive senders if necessary.

How to technically verify an email (Gmail example)

  • Open the email → ⋮ More → “Show original.” At the top, you’ll see the authentication results; in the headers, you’ll find Authentication-Results. If it shows “pass,” the message is very likely legitimate; if you see “fail/softfail,” don’t click anything and forward it to Support. (Google Help)

2) Current information on email fraud (Phishing/BEC) — why caution remains important

  • Phishing volume: The Anti-Phishing Working Group counted nearly 5 million attacks in 2023 (a record year). In 2024, the numbers dipped at first, then rose again; Q4 2024: 989,123 attacks; Q1 2025: 1,003,924 — the highest level since late 2023. (docs.apwg.org, apwg.org)
  • Business Email Compromise (BEC): According to the FBI IC3, reported BEC losses in 2024 totaled $2.77 billion; in total, 859,532 complaints about internet crime were filed, with $16.6 billion in losses (+33% vs. 2023).
  • “Human factor”: According to the 2024 Verizon DBIR, human error contributed to 68% of breaches; the median time to “take the bait” from a phishing email was under 60 seconds. (Verizon)
  • New tactics: APWG reports that criminals send millions of emails with QR codes (“quishing”) every day, leading to phishing sites/malware. (apwg.org)

3) Developments that influence phishing trends

  • Tighter mailbox rules since 2024 (Google/Yahoo):
    Since February 2024, major inbox providers have enforced, among other things, SPF/DKIM, DMARC (for bulk senders), TLS, domain alignment, and one-click unsubscribe. The spam rate must also remain below 0.3%. This has significantly increased authentication rates across the ecosystem. (Google Help, senders.yahooinc.com)
  • Measurable impact on adoption: Data shows a sharp rise in DMARC records at the start of 2024 (accelerating noticeably after the Google/Yahoo announcements and rollout). (Valimail, Dark Reading)
    Additionally, BIMI (logo display based on DMARC) is also on the rise; between May 2024 and January 2025, the number of domains with BIMI DNS records increased by 28% among the top one million domains. (URIports)
  • Attackers’ counter-moves: In parallel, threat actors are leaning more on QR codes (see above) or using social engineering/BEC variants. ENISA lists social engineering (including phishing/BEC) as one of Europe’s key threat areas. (securitydelta.nl)

4) Practical tips (for Crazypatterns emails – and in general)

  1. Verify the sender: Does the address really end with @crazypatterns.net? Beware of swapped or visually similar characters.
  2. Check links: Hover to preview the destination URL — legitimate links point to https://www.crazypatterns.net/. When in doubt, type the address manually instead of clicking.
  3. Look at the headers: In Gmail or other clients, open the original message and check for spf=pass, dkim=pass, and dmarc=pass. If you see “fail/softfail,” don’t click anything; forward to Support. (Google Help)
  4. Never submit sensitive data via email: Crazypatterns will never ask for passwords, payment information, or other sensitive data via email.
  5. QR codes and attachments: Treat QR codes in emails/attachments with caution (“quishing”). We do not send .zip/.exe attachments. (apwg.org)
  6. Use MFA/2FA: Multi-factor authentication (MFA) dramatically lowers the risk of account compromise (Microsoft data: about 99% fewer account takeovers). (Microsoft)
  7. Stay alert to BEC: If you receive requests to change payment or bank details, always verify them through a second channel (for example, by messaging or calling a known number). Never reply directly to the email thread. FBI data shows BEC causes the highest financial losses.

5) Conclusion

Email remains a heavily targeted channel. We secure our communications with SPF, DKIM, and DMARC and provide clear processes. If you follow the checks above — especially reviewing headers, opening links manually, and never sharing sensitive data via email — you’ll be on the safe side. The data from APWG, FBI IC3, Verizon, and ENISA confirms this: technical hardening combined with user vigilance works — and remains essential.

Sources and references

  • APWG, Phishing Activity Trends (Q1 2025; Q4 2024; Q1 2024). (apwg.org, docs.apwg.org)
  • FBI, IC3 Internet Crime Report 2024 (complaints, losses; BEC losses).
  • Verizon, Data Breach Investigations Report 2024 (Human factor 68%; phishing reaction times). (Verizon)
  • ENISA, Threat Landscape 2024 (Social engineering/BEC as key threats). (securitydelta.nl)
  • Google, Email sender guidelines (SPF/DKIM/DMARC, TLS, alignment, 0.3% threshold, one-click unsubscribe). (Google Help)
  • Yahoo, Sender Best Practices (authentication, one-click unsubscribe, complaint thresholds). (senders.yahooinc.com)
  • Google Help, “Show original”/Authentication-Results (viewing headers and checking SPF/DKIM/DMARC in Gmail). (Google Help)
  • Valimail/Dark Reading, DMARC adoption 2024 (sharp increase around the Gmail/Yahoo requirements). (Valimail, Dark Reading)
  • URIports, BIMI adoption 2024→2025 (+28% among top one million domains). (URIports)
  • Microsoft, Digital Defense Report 2023 (MFA reduces compromises by about 99%). (Microsoft)

Note: SPF (RFC 7208), DKIM (RFC 6376), and DMARC (RFC 7489) are IETF standards; if you want to dig deeper, you’ll find the specifications here. (IETF Datatracker)

As of September 10, 2025

Stay vigilant — and report suspected cases to us with full headers.
Thank you!

Win shopping credit every month!

42 prizes / total value €300: 30×€5, 10×€10, 2×€25 – simply activate the newsletter. No purchase necessary. Unsubscribe at any time. Prizes are awarded as Crazypatterns shopping credit. Learn more

Register for free Activate newsletter