Over 29,000 phishing emails are reported each month on average to the AntiPhishing Working Group. If we consider that at least 5% of these emails achieve their target, at least 1,450 distinct email users a month are caught in the phisher’s net. This study attempts to understand the basic deception techniques utilized by phishers when creating the phishing emails. Exploratory content and linguistic analyses are performed to elicit the most widely used deception techniques and linguistic features that seem to be prominent in phishing emails. Preliminary results provide evidence to support that phishers utilize a very reduced and recognizable subset of deception techniques. Moreover, paired with these deception techniques, specific linguistic features seem to create a recognizable pattern of phishing emails that can be used to aid detection and filtering.