dslreports logo
 story category
What’s Your Phishing IQ?
Take the quiz; all of the cool kids are doing it.
Phishing scams are on the rise. Emails from scammers posing as IRS and other government agencies “attempt to trick consumers into divulging personal financial information.” Are you safe? McAfee is offering a ten-question quiz that you can take to see how well you know your phishing scams; the results show you why you were right or wrong on your responses. If you have a need to be at the top of the class, you can compare your score with some of our users here.
view:
topics flat nest 
page: 1 · 2 · next

Grothendieck
Premium Member
join:2002-07-28
Miami, FL

Grothendieck

Premium Member

9/10

Got 9/10

Missed the last one about SSL certificate or something.

hayabusa3303
Over 200 mph
Premium Member
join:2005-06-29
Florence, SC

hayabusa3303

Premium Member

Re: 9/10

said by Grothendieck:

Got 9/10

Missed the last one about SSL certificate or something.
Ditto. same here

trparky
Premium Member
join:2000-05-24
Cleveland, OH

trparky

Premium Member

Re: 9/10

Ditto.

Trimline
Premium Member
join:2004-10-24
Windermere, FL

Trimline to Grothendieck

Premium Member

to Grothendieck
Yippee.

YOU ANSWERED 10 OF 10 QUESTIONS CORRECTLY
Rating: Safety Guru

Nice work! Your practically clairvoyant knowledge of the Web allows you to spot even the most realistic looking spoofed sites. We're impressed!

That's the one's *we* know of. Always take caution.

Geddy
join:2004-12-02
Westerly, RI

Geddy to Grothendieck

Member

to Grothendieck
I got 9/10, got confused on the amazon one

what gets to me, is the fact that once scammers learn to spell, were all screwed (according to this quiz) =P
xo9
join:2007-06-15
Perry, FL

xo9

Member

Re: 9/10

we're*

and i agree. ;]
MrBentor
join:2003-02-18
Seattle, WA

MrBentor to Grothendieck

Member

to Grothendieck
YOU ANSWERED 10 OF 10 QUESTIONS CORRECTLY
Rating: Safety Guru

I'd better go good on a test like that - or I would have to fire my self...
radougherty
join:1999-07-23
Austin, TX

radougherty to Grothendieck

Member

to Grothendieck
said by Grothendieck:

Got 9/10

Missed the last one about SSL certificate or something.
I was going to say false but blew it and said true.

Jameson
Premium Member
join:2004-05-28
united state

Jameson to Grothendieck

Premium Member

to Grothendieck
10/10

furlonium
join:2002-05-08
Allentown, PA

furlonium

Member

Yay!

YOU ANSWERED 10 OF 10 QUESTIONS CORRECTLY
Rating: Safety Guru

I like how the one site said "their have been" instead of "there"

Grammar is a good way to check, too.

dvd536
as Mr. Pink as they come
Premium Member
join:2001-04-27
Phoenix, AZ

dvd536

Premium Member

Re: Yay!

said by furlonium:

YOU ANSWERED 10 OF 10 QUESTIONS CORRECTLY
Rating: Safety Guru

I like how the one site said "their have been" instead of "there"
I've seen alot of that here too

alg
Passionately apathetic
Premium Member
join:2001-04-10
Houston, TX

alg

Premium Member

Re: Yay!

said by dvd536:
said by furlonium:

YOU ANSWERED 10 OF 10 QUESTIONS CORRECTLY
Rating: Safety Guru

I like how the one site said "their have been" instead of "there"
I've seen alot of that here too
Indeed.

Robert
Premium Member
join:2001-08-25
Miami, FL

1 edit

Robert

Premium Member

Rating: Safety Guru

YOU ANSWERED 10 OF 10 QUESTIONS CORRECTLY
Rating: Safety Guru

Nice work! Your practically clairvoyant knowledge of the Web allows you to spot even the most realistic looking spoofed sites. We're impressed!

Here are all the examples, for those who didn't want to do the quiz.

»cache01.ae1.net/8c985935 ··· 8fcc.jpg

wifi4milez
Big Russ, 1918 to 2008. Rest in Peace
join:2004-08-07
New York, NY

wifi4milez

Member

9 out of 10!

Some of those questions were difficult to figure out. Overall a very good test for those who use the web a lot!

wee96
Your Local Confederate
join:2000-04-12
Clinton Township, MI

wee96

Member

Neat

10 of 10 woo hoo.

ColorBASIC
8-bit Fun
Premium Member
join:2006-12-29
Corona, CA

ColorBASIC

Premium Member

8/10

I didn't think of checking for grammar and spelling mistakes so on a few I guessed. But those sites were 2 I don't have an account with so a phishing attack wouldn't have worked on me anyway.

Snickerdo3
Premium Member
join:2001-02-28
Niagara Falls, ON

Snickerdo3

Premium Member

Re: 8/10

That's the first thing you've gotta check. Also checking for some obvious things, like credit card numbers and poor HTML coding helps too.

YOU ANSWERED 10 OF 10 QUESTIONS CORRECTLY
Rating: Safety Guru

Stefania
Jezu Chryste, Kubi
Premium Member
join:2003-03-17
Chicago, IL

Stefania to ColorBASIC

Premium Member

to ColorBASIC
I got 8/10 as well... I didn't think to check the address bar since the text was so funky and the Windows UI is a bit confusing to me.

Transmaster
Don't Blame Me I Voted For Bill and Opus
join:2001-06-20
Cheyenne, WY

Transmaster to ColorBASIC

Member

to ColorBASIC
Ditto here did spot the bad grammar.

pokesph
It Is Almost Fast
Premium Member
join:2001-06-25
Sacramento, CA

pokesph

Premium Member

Phished!

hmmm 8/10

the Amazon site caught me off-guard. I'm not too sure on the last question.. it's pretty hard to spoof a legit SSL cert.. it does have to be verified through a 3rd party - so not sure why they say it can be spoofed (I assume it's not self-signed, and I DO look at the certs myself..)
ottawa_guy0
join:2005-06-03
Ottawa, ON

ottawa_guy0

Member

Re: Phished!

Yep 9/10... The capital one site got me. The one I chose looks like the Canadian site, which I do have an account on.

Rogue Wolf
An Easy Draw of a Sad Few
join:2003-08-12
Troy, NY

Rogue Wolf

Member

Re: Phished!

said by ottawa_guy0:

Yep 9/10... The capital one site got me. The one I chose looks like the Canadian site, which I do have an account on.
Same one got me, only because the one I thought was a fake asked for the SSN number. That always throws up red flags for me. I guess I forgot to check the writing on the wall... err, I mean the page.
whoamIoramI
join:2004-05-17
Jersey City, NJ

whoamIoramI to pokesph

Member

to pokesph

6/10

Damn, I thought I did good and I find myself as being great at finding shit like this.

I had my mom do it and my dad. Both got 3/10

No wonder these shit heads make so much money.
BosstonesOwn
join:2002-12-15
Wakefield, MA

BosstonesOwn to pokesph

Member

to pokesph

Re: Phished!

said by pokesph:

hmmm 8/10

the Amazon site caught me off-guard. I'm not too sure on the last question.. it's pretty hard to spoof a legit SSL cert.. it does have to be verified through a 3rd party - so not sure why they say it can be spoofed (I assume it's not self-signed, and I DO look at the certs myself..)
Any one can generate ssl certs. I myself do it on servers. The major thing is that they will most times pop up a box saying hey the cert is signed but not by xxxxxx company would you like to proceed ? and most people click through.
If malware is on the machine it can and will put the site into the trusted zone and the ssl pop up never shows up.

I generate my own for most servers because I encrypt all traffic even on the lan.

jsimmons
MVM
join:2000-04-24
Falls Church, VA

jsimmons

MVM

Got 10 of 10.

Not a guru here... but very mindful of Phishing scams.

stomp357
join:2003-04-13
Lake Charles, LA

stomp357

Member

I got 10 of 10 right

I'm so "anal" about stuff dealing with my money. Last year my debit card number was lifted from somewhere, and $400.00 was withdrawn $40.00 at a time over a 2 day period (Saturday, & a Sunday) before I checked my account online, and seen the transactions. The money was being deposited into an Alipay.com account overseas. Have no idea how they got the number as the only online sites I use my debit card is with Amazon, Newegg, ComputerGeeks and HighTech (Aces High WWII multiplayer flight sim.).
I canceled that card, and the bank refunded all the charges a week, or so later. I now only do money order transactions with vendors, and pay my bills through my banks website.

swhx7
Premium Member
join:2006-07-23
Elbonia

1 edit

swhx7

Premium Member

Re: I got 10 of 10 right

If you have a credit card, it's a lot easier than money orders for online transactions, and safer than a debit card. There is theoretically a $50 risk, but in practice you can dispute transactions and get them taken off. And it won't expose your bank account.
pcnetworx1
join:2005-09-21
Bethel Park, PA

pcnetworx1

Member

10/10

Would be funny if there was a bonus game at the end for a perfect score.

chakey
Premium Member
join:2004-06-14
Gladstone, NJ

chakey

Premium Member

9/10

Amazon got me.

M A R S
Premium Member
join:2001-06-15
Long Island

M A R S

Premium Member

Re: 9/10

said by chakey:

Amazon got me.
Same, 9/10

swhx7
Premium Member
join:2006-07-23
Elbonia

swhx7

Premium Member

Is this a useful quiz?

Also discussed here: »Can You Identify Phishing?

I won't repeat my rant, but some legit sites have grammar/spelling errors, and you can't be expected to know exactly which variation of a logo a company uses, or that sort of thing. Look at the URL first, and then consider what info the page asks for and why you would give it.

And if some of the pics in the quiz still don't have URLs showing, it's a bogus quiz designed to sell you something.

••••

retrogame
join:2003-04-14
Auburn, MA

retrogame

Member

It's my birthday

YOU ANSWERED 10 OF 10 QUESTIONS CORRECTLY
Rating: Safety Guru
45071419 (banned)
join:2006-07-30

45071419 (banned)

Member

Re: It's my birthday

10/10, only because I know what the login page for Amazon looks like.

Jim Gurd
Premium Member
join:2000-07-08
Livonia, MI

Jim Gurd

Premium Member

8/10

Click for full size
This is allegedly the real site but look at the message I highlighted. That's why I suspected it was the fake.
I got this one wrong as well as the SSL one. The SSL question is kind of misleading though. Sure a fake site could have a certificate but the name wouldn't match the site they were impersonating so it's not really much of a threat.

••••

Quiglag
God is Love
Premium Member
join:2004-09-19
Ontario, CA

Quiglag

Premium Member

10/10 here

I got a 10 out of 10, but my common practice is to never click on any link in an email if it is something i have to login to use. I will just type in the address myself. Places like ebay or paypal will also have the message listed when you log in.

stomp357
join:2003-04-13
Lake Charles, LA

stomp357

Member

Re: 10/10 here

said by Quiglag:

I got a 10 out of 10, but my common practice is to never click on any link in an email if it is something i have to login to use. I will just type in the address myself. Places like ebay or paypal will also have the message listed when you log in.
Yeah. The last time I clicked an email link was a few years back. I ended up with some spyware, and formatted, and reinstalled OS to get rid of it as Adaware, & Spybot S&D couldn't get rid of it.
jkb246
join:2000-03-18
Carmel, IN

jkb246

Member

10 out of 10, but that Amazon ? was really hard

Had to look at that Amazon site for a min before I selected the right one. Good quiz. I'm going to send it to my mom before she is caught in the net
Zoly
join:2004-01-04
Houston, TX

Zoly

Member

10 out of 10

Yeh, I have passed the test but it doesn't mean anything though...
2 years ago my CC was charged online for $5000, right 1 month after lexus nexus lost a big portion of their database.

Capital One called me to ask about suspicious charges around 2 am and I said I never ordered those things...

All I had to do is to destroy my CC and they sent me a new one...
oonja
join:2007-04-25
Wilsonville, OR

oonja

Member

Bad Question

I got 8 out of 10 but the check who the email is from is a bad question. Looking for a bad sender name or domain is a legit way of finding a phishing scam. True good scammers can fake that, but it is still one of the first things you look for.

Sorian
Nothing To See Here
Premium Member
join:2001-08-15
Everett, WA

Sorian

Premium Member

Re: Bad Question

You don't have to be a good scammer to change the sender name. Changing the sender name is very easy.
thehinge
join:2005-11-07

thehinge

Member

Spelling:

I think I see why one should be suspicious about spelling and grammar. Some guy spoofing a website can't or won't get like thirty people to check out the site to be sure it's professional. An organization like an online bank would probably proofread for a couple of days before posting, I think.
OCP
Premium Member
join:2004-10-11
USA

OCP

Premium Member

9/10

I did not notice the grammar errors. Good tip though. I expected it to be easier.

••••
page: 1 · 2 · next