Majory's Phishing IQ Quiz

1. What is phishing?

A criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details.

Is the same as fishing in a lake.

Is an act of stealing fish.

The occupation of catching fish for a living.

Taking or attempting to take aquatic animal life by any means.

Phishing is a form of cybercrime where individuals or organizations attempt to deceive others into revealing sensitive information such as usernames, passwords, and credit card details. This is typically done through fraudulent emails, websites, or messages that appear to be from a legitimate source. The goal of phishing is to trick unsuspecting victims into providing their personal information, which can then be used for illegal activities such as identity theft or financial fraud. It is important to be cautious and vigilant to avoid falling victim to phishing attacks.

Explanation

Phishing is a form of cybercrime where individuals or organizations attempt to deceive others into revealing sensitive information such as usernames, passwords, and credit card details. This is typically done through fraudulent emails, websites, or messages that appear to be from a legitimate source. The goal of phishing is to trick unsuspecting victims into providing their personal information, which can then be used for illegal activities such as identity theft or financial fraud. It is important to be cautious and vigilant to avoid falling victim to phishing attacks.

2. Phishing filters are designed to:

Recover fishing objects lost while drilling the lakes and rivers.

Catch large fish or whales.

Allow users online to acquire their lost usernames and passwords.

Phishing filters are designed to protect the web surfer from socially engineered phishing scams which try to trick the intended victim into visiting a fraudulent website. These filters help to identify and block suspicious emails, websites, or other online content that may be attempting to steal personal information or deceive users into providing sensitive data. By detecting and preventing these scams, phishing filters help to ensure the online safety and security of users.

Explanation

Phishing filters are designed to protect the web surfer from socially engineered phishing scams which try to trick the intended victim into visiting a fraudulent website. These filters help to identify and block suspicious emails, websites, or other online content that may be attempting to steal personal information or deceive users into providing sensitive data. By detecting and preventing these scams, phishing filters help to ensure the online safety and security of users.

3. Take a look at the email below – Why is it “fake”?

This PayPal phishing scams is trying to trick recipients by pretending to be some sort of security alert.

It is not possible at all for the displayed link to be bogus.

This PayPal phishing scams is NOT trying to trick recipients by pretending to be some sort of security alert.

The email is considered "fake" because it is a PayPal phishing scam that is attempting to deceive recipients by posing as a security alert. There is a possibility that the displayed link in the email is fake, and clicking on it could lead the recipient to a website controlled by the attacker.

Explanation

The email is considered "fake" because it is a PayPal phishing scam that is attempting to deceive recipients by posing as a security alert. There is a possibility that the displayed link in the email is fake, and clicking on it could lead the recipient to a website controlled by the attacker.

Submit

4. Take a look at the diagrams below – They are all existing security toolbars!

NETCRAFT TOOLBAR

SPOOFSTICK

SPOOFGUARD

TRUE

FALSE

The explanation for the correct answer "TRUE" is that the given diagrams represent existing security toolbars. The first diagram is the Netcraft Toolbar, the second diagram is the Spoofstick, and the third diagram is the Spoofguard. Therefore, the statement "They are all existing security toolbars" is true.

Explanation

The explanation for the correct answer "TRUE" is that the given diagrams represent existing security toolbars. The first diagram is the Netcraft Toolbar, the second diagram is the Spoofstick, and the third diagram is the Spoofguard. Therefore, the statement "They are all existing security toolbars" is true.

5. Take a look at the email below – Why is it legitimate?

Because they provided an email link to contact them if you have a question.

They do not ask you to do anything related to this email.

The ‘’email to” does not look like a valid email address.

The ‘’email to” looks a like a valid email address.

The email is considered legitimate because it provides an email link for contact, indicating that the sender is open to communication and can be reached for any questions or concerns. Additionally, the fact that they do not ask the recipient to do anything related to the email suggests that it is not a phishing attempt or a scam. Lastly, the 'email to' address appears to be a valid email address, further supporting the legitimacy of the email.

Explanation

The email is considered legitimate because it provides an email link for contact, indicating that the sender is open to communication and can be reached for any questions or concerns. Additionally, the fact that they do not ask the recipient to do anything related to the email suggests that it is not a phishing attempt or a scam. Lastly, the 'email to' address appears to be a valid email address, further supporting the legitimacy of the email.

Submit

6. Take a look at the email below – Why is it “fake”?

Dear e-gold user

As you may have heard, to celebrate e-golds dominance of the e-currency market,between now and the 31st of February, the worlds leading market makers have joined forces togive you the chance to win $500 worth of e-gold every day! That's right, every single dayuntil the 31st of February, one e-gold user is GUARANTEED to win $500 in e-gold!

Simply login to your account and the 500th user to login each day automatically wins!

What's more, every 100th user logging in from the link above will be entered into our "Grand Gold Super Draw", which will take place on 1 March 2004.

Prizes for the Grand Gold Super Draw are as follows:

1st Prize - $500
2nd Prize - $250
3rd Prize - $100
Terms and conditions of this promotion:
Only one competition entry per user may be made from the above link per 24 hours. Multiple logins within 24 hours from the above link will be declared void. All winners will be notified via their registered email address within 48 hours of logging in. Deposits will be made into winners accounts within 5 days of email notification. For the purposes of this promotion, each day will begin at 0.00 GMT.

A list of all winners will be made available upon request from 3 March 2004

Because E-Gold will AWALYS ask customers to log on to their accounts via a link in an email.

Because E-Gold will NEVER ask customers to log on to their accounts via a link in an email.

Because the email is trying to trick recipients into providing personal information on a bogus website.

Because the email falsely claims that e-gold is running a competition.

The correct answer is because E-Gold will NEVER ask customers to log on to their accounts via a link in an email, because the email is trying to trick recipients into providing personal information on a bogus website, and because the email falsely claims that e-gold is running a competition. This is because legitimate companies and organizations will never ask for personal information or login credentials through email, especially through links provided in the email. Additionally, the email's claim of a competition may be a tactic to lure recipients into providing their information on a fake website.

Explanation

The correct answer is because E-Gold will NEVER ask customers to log on to their accounts via a link in an email, because the email is trying to trick recipients into providing personal information on a bogus website, and because the email falsely claims that e-gold is running a competition. This is because legitimate companies and organizations will never ask for personal information or login credentials through email, especially through links provided in the email. Additionally, the email's claim of a competition may be a tactic to lure recipients into providing their information on a fake website.

Submit

7. Take a look at the email below – Why is it “fake”?

From: Department of Finance

Subject: Notification - Please Read This.

After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $112.80. Please submit the tax refund request and allow us 6-9 days in order to process it.

A refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline.

To access the form for your tax refund, please click here.[LINK REMOVED]

Regards,
Department of Finance Canada

Because no legitimate government tax office is ever likely to inform citizens about a tax refund via an unsolicited email.

Because they is no company logo

Because A link in the scam email will probably open a fake web form that asks for sensitive personal information.

The correct answer is because information entered into the fake refund form can be collected by the scammers and subsequently used for fraud and identity theft, because no legitimate government tax office is ever likely to inform citizens about a tax refund via an unsolicited email, and because a link in the scam email will probably open a fake web form that asks for sensitive personal information. This email is considered "fake" because it contains red flags commonly associated with phishing scams, such as requesting personal information through an unsolicited email and providing a link that could lead to a fraudulent website.

Explanation

The correct answer is because information entered into the fake refund form can be collected by the scammers and subsequently used for fraud and identity theft, because no legitimate government tax office is ever likely to inform citizens about a tax refund via an unsolicited email, and because a link in the scam email will probably open a fake web form that asks for sensitive personal information. This email is considered "fake" because it contains red flags commonly associated with phishing scams, such as requesting personal information through an unsolicited email and providing a link that could lead to a fraudulent website.

Submit

8. Take a look at the email below – Why is it legitimate?

Because the email does not have your name, in this case “John Doe”

Because the URL matches the displayed URL

Because the URL does not match the displayed URL.

Because the email does not require you to provide sensitive data.

The email is considered legitimate because it does not have the recipient's name, in this case "John Doe", which indicates that it is not a targeted or personalized phishing attempt. Additionally, the URL in the email matches the displayed URL, suggesting that it is not a spoofed or fraudulent website. Lastly, the email does not require the recipient to provide sensitive data, further indicating that it is not a phishing attempt trying to obtain personal information.

Explanation

The email is considered legitimate because it does not have the recipient's name, in this case "John Doe", which indicates that it is not a targeted or personalized phishing attempt. Additionally, the URL in the email matches the displayed URL, suggesting that it is not a spoofed or fraudulent website. Lastly, the email does not require the recipient to provide sensitive data, further indicating that it is not a phishing attempt trying to obtain personal information.

Submit

9. Take a look at the email below – Why is it “fake”?

A)Because banks will never write to you and ask you for your password or any other sensitive information by email.

B)Because the message contains odd "spe11ings" or cApitALs in the "Subject:" box as well as grammatical and spelling errors.

C)Because the message says ‘’Please do not reply to this email.

D)Because the message is too long.

The email is considered "fake" because banks typically do not ask for sensitive information like passwords through email, making option a) the correct answer. Additionally, option b) points out that the email contains odd spellings, capitalizations, and grammatical errors, which are common signs of a fake or phishing email.

Explanation

The email is considered "fake" because banks typically do not ask for sensitive information like passwords through email, making option a) the correct answer. Additionally, option b) points out that the email contains odd spellings, capitalizations, and grammatical errors, which are common signs of a fake or phishing email.

Submit

10. Take a look at the email below – Why is it “fake”?

Because phishing email includes the eBay logo in an attempt to gain credibility

Because they are asking the individual to provide sensitive data.

Because they are not asking the individual to provide sensitive data.

Because SunTrust will never address their email as ‘’Dear valued SunTrust member’’

The email is considered "fake" because it includes the eBay logo in an attempt to gain credibility, which is a common tactic used in phishing emails. Additionally, the email is asking the individual to provide sensitive data, which is another characteristic of a phishing attempt. Lastly, the email addresses the recipient as "Dear valued SunTrust member," which is not how SunTrust would typically address their customers in an official email.

Explanation

The email is considered "fake" because it includes the eBay logo in an attempt to gain credibility, which is a common tactic used in phishing emails. Additionally, the email is asking the individual to provide sensitive data, which is another characteristic of a phishing attempt. Lastly, the email addresses the recipient as "Dear valued SunTrust member," which is not how SunTrust would typically address their customers in an official email.

Submit