Can you pass the phish test?

[John Connor]

I don't understand the UPS E-mail. Some of these I would have got if I seen them in my own browser. I mean, was I expecting this E-mail? would be a tip off and I would check with my bank or PayPal before I did anything with the E-mail. Got 60%.

http://www.sonicwall.com/furl/phishing/

 

[DigDog]

let me check that

yeah that test is "which one of these emails should you trust" and the answer is "none".

 

[K7SN]

let me check that

yeah that test is "which one of these emails should you trust" and the answer is "none".

I would never do the lazy response of following the provided link but would have prompted my to log into PayPal, eBay, Wells Fargo, Citibank and Chase. I got 60% because I didn't click phishing because I wasn't sure so I left no-answer which the test didn't like.

 

[Suspicious-Teach8788]

I don't understand the UPS E-mail. Some of these I would have got if I seen them in my own browser. I mean, was I expecting this E-mail? would be a tip off and I would check with my bank or PayPal before I did anything with the E-mail. Got 60%.

http://www.sonicwall.com/furl/phishing/

Well typically if they list your account number (last 4 digits) or your name, and its not a blatant LOGIN HERE link, then its usually not harmful. Example:

Dear John Connor (Account #XXXX-XXXX-XXXX-1234),

We're letting you to know that we've updated our TOS, you can read them HERE.

Thank you,
PayPal

That's not harmful. Common sense needs to be applied is all.

 

[DigDog]

my procedure is:

1. google "name on message" + "scam"
2. if zero results, google "name of company"
3. log on to main site
4. https? -> proceed to log on

i dont trust any email, not even legitimate ones(i.e. return address correspond to the business), i'll do everything through their main portal.

 

[corkyg]

...I dont trust any email, not even legitimate ones(i.e. return address correspond to the business), i'll do everything through their main portal.

Generally my sentiments as well. I screen all email with MailWasher Pro. If it is not something from a friend, or something I requested, I can delete it right on the POP server and never download it.

 

[Fardringle]

Honestly, there's a really simple way to weed out the vast majority of phishing scams if you're using a mail client.

First, many are so badly written and formatted that it's easy to tell they are garbage. Then, for the rare few that seem to be legitimate, just point the mouse at the link (do not click on it) and see what the real URL is. If it's not the same URL as the company claimed in the email, don't click.

 

[John Connor]

Then, for the rare few that seem to be legitimate, just point the mouse at the link (do not click on it) and see what the real URL is. If it's not the same URL as the company claimed in the email, don't click.

That's the thing that got me with UPS in the test. The URL looked valid but it's SPAM?

 

[PliotronX]

On a related note, watch out for sneaky URL names you guys. Some of our clients have been receiving very authentic looking e-mails but luckily so far they have had sharp eyes. One was faked as the president of the company (instilling urgency and a bit of fear to get something done) and the sender address carried the letters rn in place of m. We have been having to call registrars (usually Tucows, and their support is pissed that most of their support calls are striking down rogue registrants) to get the URLs taken offline. This is how the Blue Shield breach happened, URLs that are close to everyday usage and lead to fun things.

 

[Rakehellion]

I always delete those emails and go directly though the website.

 

[WackyDan]

Average company has 33% of employees click on and in phishing mails they send out as internal tests.

One of my customers has a 22% click rate and that is after doing education.

Spear phishing is far more dangerous though.

 

[DrPizza]

let me check that

yeah that test is "which one of these emails should you trust" and the answer is "none".

Meh, though I agree - always log in by typing the URL yourself and not clicking on a link in an email, several of those were real. 10/10 for me - I'm always suspicious. The simple mouse-over trick is generally sufficient to discern which are phishing attacks, though they're pretty good. E.g., paypal is payapl. A lot of people don't notice minor misspellings.

 

[matricks]

I got 90%. Bank of Choice got me (how can they mess up their From: header so badly?). If we actually had knowledge of this John Does connections I may have considered otherwise. This was a really poorly implemented test, as you can't do any of the actual checks you could in a real e-mail (for one, let me actually see the real URL if I want to). There are many tests like this that let you make a more informed decision.

That's the thing that got me with UPS in the test. The URL looked valid but it's SPAM?

In the title bar of the message it shows as Cyrilic encoded, that's what ticked phishing for me. Strangely, they aren't pointing that out in the "why" explanation. UPS has little reason to send messages in English encoded in Cyrilic, so I doubt it was coincidental. International domain names are often abused in phishing scams, where cyrilic characters are useful for registering visually similar domains, e.g. paypal.com vs. рayрal.com (most fonts don't show the difference, but copy paste to e.g. Windows command prompt or some other primitive textbox to notice).

 

[Scarpozzi]

I got 90% as well and also got hung up on the Bank of Choice.

I agree that if it's your Email box, you'll know more about the companies you do business with. I don't typically respond to any companies via Email and will deal directly with their websites or phone numbers.

It was a decent quiz though considering some of the basics they covered. Having the ability to copy link shortcuts or view headers and/or source of the messages would be nice. These days, most phishing scams are simply linking to web forms hosted on various servers to mimic whatever... Phishers can set those up and get the data they need fairly quickly and abandon the forms when they're done...

 

[Dude111]

I got 80% (2 wrong)

 

[JEDIYoda]

I got 90% was hung up on Bank of choice...

 

[Mike64]

I don't understand the UPS E-mail. Some of these I would have got if I seen them in my own browser. I mean, was I expecting this E-mail? would be a tip off and I would check with my bank or PayPal before I did anything with the E-mail. Got 60%.

http://www.sonicwall.com/furl/phishing/

I got 80%, but my two wrong answers were false positives, so I'm not real worried about being compromised. The only reason this test is relevant to me at all is that I do make a habit of forwarding phishing emails I'm pretty sure are spam to the "abuse" address of the spoofed company's domain (obtained via Google if necessary) in addition to marking the email as spam with my ISP.

Like several other posters, my primary defense is to never click on links in emails that involve signing in or otherwise providing data to any website. For that matter, I rarely even click on purely informational links (ads and so forth) unless I'm expecting the email. If it's from a business I deal with and it's not an obvious phishing email I'll simply ignore, I sign in to my account at the main portal I already have bookmarked and go from there, or call a phone number I already have.

Most of the relatively few phishing emails I get are nominally from businesses I've never heard of, let alone dealt with, anyway, which makes things really easy. And since I use a couple of different email addresses on a regular basis (I give different businesses different addresses based on my own idiosyncratic categorization of the relationship), an obvious tip-off is getting email purportedly from a company I do business with, but which was sent to the "wrong" address.