Some banks seem to see no contradictions in spamming people with regulatory "know-your-customer" emails that look just like phishing expeditions. What’s more, these KYC emails include not just one, but at least three identifying marks of social engineering:

+ email trackers

+ suspicious links

+ urgent requests for personal information

Personally, my favourite thing is to receive suspicious emails from "no-reply" senders:

What’s yours?