Connect with us

Google

Google made a phishing quiz to teach you about email scams

Can you pass it?

google phishing quiz
Image: Google

Phishing is on the rise, with events like the iCloud ‘hack’ (aka The Fappening) and spear-phishing campaigns against political parties underscoring just how sophisticated the emails sent by the attackers are getting. Assuming it got past your email providers inbuilt spam protection, do you know how to identify a fraudulent link in an email?

To help raise awareness (and hopefully stop some people turning into victims), Jigsaw, a subsidiary of Alphabet (yes, the one that owns Google), has created a short interactive quiz to show what to look for on malicious emails.

Check it out

The quiz consists of eight emails, some of which are phishing, some of which are from legitimate senders. All of them are inspired by real emails that were either detected by spam filters or were used in some notable phishing campaigns.

When you start the quiz, you can add your real name and email to make the examples feel more realistic, although as no data leaves the site you can just as easily put fake details in. Once you get to the questions, you can hover or long-press on elements of the emails to see things like the URL that links go to, hopefully giving you enough information to figure out if it’s a scam or legit.

How it works

phishing email

Image: Jigsaw

I consider myself fairly good at spotting this kind of malicious email, and even then I only got 6 out of the 8 right. Pay attention to the URLs themselves, if they have extra characters or more words after the .com portion, all ways that hackers try to obfuscate their bad links to appear like legit ones.

To give you some examples of the real-life phishing campaigns that inspired some of the questions, one is based on the email that Russian hackers used to get access to Hillary Clinton’s campaign, through John Podesta’s emails. Another is a carbon-copy of a legitimate Google security alert, that goes to a phishing site to try and get you to type in your login information.

The quiz also shows why the email is fraudulent (or not) and which things to look for, whether you get the question correct or not. Forewarned is forearmed, so maybe the next time a phishing email lands in your inbox, you’ll know not to click on it.

Did you try the quiz? How did you do? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Comments

More in Google