A few days ago, I browsing my favorite online tech and news sites, catching up with the latest tech happenings, and I ran across an article written last December on CBSNews.com, talking about the number of people that still get tricked by “Phishing” emails.
Phishing is something we talk a lot about when we teach our Internet Safety classes and is also one of the major threats I discuss in all my safety related articles.
In fact, here are two recent articles, both of which talk about the dangers of Phishing Emails…
But I what I really found interesting in this December, 2014 article was the link it had to an actual Phishing Quiz you could take to test your knowledge (I have a link to it below).
The quiz was originally developed by Intel Security using emails collected by researchers at McAfee Lab (a major vendor of Internet Safety products), and was originally given to 100 attendees of a security conference.
What’s amazing is that on average, those given the quiz were able to identify only two-thirds of the fake (phishing) emails. Considering the fact that these are professional security folks, that’s a bit alarming!
But I guess what we can learn is that those bad-guys who are trying to steal our private information using phishing emails, are getting more and more crafty, which means we have to be even more vigilant than every before.
As a reminder, here is what I tell folks about Phishing Emails…
- NEVER click a link in an email that “seems” to be from a financial institution (your bank, finance company, PayPal, etc.). Instead, open your browser and visit the site yourself, by typing in the address.
- Carefully look at potential phishing emails for signs they are fake, including missspelled words, poor graphics, and especially strange looking web addresses (URLs) that don’t include the company name. (Example, instead of paypal.com, you see something like paypal.bogussite.com).You can “see” the actual web address of a link by “mousing over it”. You should either see a small pop-up showing the address, or see the actual address at the bottom of your screen on the status-bar.
- If the message includes an attachment, do NOT open it. In fact, the best thing to do is just delete the message.
Although the original McAfee Quiz is no longer available, here’s another Quiz you can take over at the OpenDNS Site (which is owned by Cisco)…
CLICK HERE to visit the OpenDNS Phishing Quiz
By the way, just for fun, I took the original McAfee quiz and actually got 100% the first time. No kidding! All I did was follow my own rules, especially paying attention to the addresses hidden behind the links.
Here’s a screenshot of my results…
More Resources on Internet Safety
If you’d like more information about staying safe, I have a list of other articles I’ve written on the subject.
CLICK HERE to see DiscoverSkills articles on Staying Safe…
I also have a book I use for my safety class called “Staying Safe on the Internet“.
CLICK HERE to read more about the book
If you take the Quiz, let me know how things went! You can leave your comment below…
I tried to take the phishing quiz but all I found was an example of LinkIn and American Express which I think is fraudulent. How do I get beyond the example?
Thanks!
Love your newsletters–full of good stuff.
Hi Joan…
Once you click Start the Quiz from the first page you get to, you’re shown an email message. Just above it are two buttons… Legitimate Email and Phishing Email. Once you make a choice by clicking one of those buttons, it takes you to the next page. There are 10 in total.
Take care!
John Lortz
Wondering if learning about iphone includes android, which is what I have?
Hi Karen…
The classes that we have on the iPhone and the iPad won’t do you much good with your Android phone/tablet, since the Android “operating system” is quite different than the operating system on the iPhone/iPad.
The other thing that makes it a bit more difficult for me to offer a class on Android is that there are many different “flavors” of Android… all of which are a bit different. I actually have two Android tablets, so I am familiar with the operating system, but only that version of Android these two have.
BUT… What I am planning on doing is putting together some video training on Android that I’ll have on the DiscoverSkills site. It’s one of my goals to get that done early this summer.
Take care!
John Lortz
i took the test and got a 70 i also read on avg that there should be a s after the http none of these have that???
Hi Joel…
70 is not bad at all! Good Job!
With regards to the “https://” versus “http://”, the “s” indicates a “secure page”, which means that any private information you type in (such as a password, account number, etc.) will be incrypted on your computer before it’s sent across the Internet.
Generally, only pages that need to be secure have the “s” on the end of https://. And sometimes, when you are looking at a link on an email to a site, the site itself will have the “s” in the address, but the link won’t.
So although it’s important to look for the “s” (as well as a padlock icon which is typically also there) when you are going to type in private information, for general pages where you aren’t typing that information in, you probably won’t see it.
Take care!
John Lortz