Spyware, viruses, & security : Test your Phishing IQ (quiz)
- 6/22/05 6:09 PM
8 out of 10 Stil and eye opener
by mr_guns - 6/24/05 6:46 AM In reply to: Test your Phishing IQ (quiz) by Lee Koo (ADMIN)
Chase and Network Solutions got me. Thought I would ace this, but it makes you think. I still wouldn't click on the Chase link I'd go to the site directly and I would have just ignored the Network Solution one so I'd still be safe. These thiefs are getting smarter, it's scarey.
Great Test
by fvb11 - 6/24/05 6:51 AM In reply to: Test your Phishing IQ (quiz) by Lee Koo (ADMIN)
I got 9 0f 10 right. this shows people how these things work. My rule I tell only them only what I want them to know and only if I make a secure purchase.To update any info I contact them and make any changes in my profile.
Just don't open them!
by xanophile - 6/24/05 6:52 AM In reply to: Test your Phishing IQ (quiz) by Lee Koo (ADMIN)
Unless you wrote first and you're waiting for a reply, it's a scam. Plain and simple. Anyone who opens and replies to emails from anyone they aren't expecting a reply from, or who isn't thier best friend, deserves to be screwed over.
Personally, I'm tired of people who fall for this crap. They're the reson it keeps going. If you answered that ANY of the 10 companies were legit, then just shut down your computer and never boot it up again. The web is better off without you.
the phishing test
by bpaolucci - 6/24/05 7:15 AM In reply to: Test your Phishing IQ (quiz) by Lee Koo (ADMIN)
I was suspicious of all of them and labeled all as phishing scams. So I ended up 1/2 right.
It seems the key to avoiding these things is to assume you may not be able to figure out if the email is a scam or not; delete the one you received and open the browser and go to the web site to be sure you reach the intended site.
I have been receiving a different kind of scam emails lately. I've kept them in my junk mail folder and notified the FBI - who really isn't very interested in following up on these things.
I've been getting 'African Doctor' emails looking for me to either turn over kittens for an extremely high amount of money and those bank scams where the depositor has a ton of money in the bank, the sender works for the bank, and the depositor died with no known relatives. Would I help get the money out and we can split it. Of course, with both of these scams you need to put up some money first.
While these are obvious scams as opposed to the phishing scams you show that are much more subtle and much more easily believed to be from the trusted source; what I find troubling is that the FBI doesn't really care and really doesn't want to be bothered about this kind of fraud.
Barbara
Re: The FBI
by Themisive - 6/24/05 2:29 PM In reply to: the phishing test by bpaolucciDon't forget, America isn't the only country in the world, in fact most of your laws come from the UK. Wouldn't it be better to have an international team tackle this type of fraud - and I do mean international, not just UK and US.
Phishing Fraud
by AlecJ248 - 6/24/05 7:19 AM In reply to: Test your Phishing IQ (quiz) by Lee Koo (ADMIN)
Just to add my reactions. I managed 8/10, because I've seen genuine examples of most of the tryons here. If I was a customer for any of the organisations listed who got this sort of message, specially if it requested "logging in" via a link when I wasn't expecting a request to contact them, I would go to their site via my saved "Favorite places" links rather than click on the email link. I was still fooled by two of the attacks.
10 out of 10 (get Tips and Tricks here)
by orangehead911 - 6/24/05 7:22 AM In reply to: Test your Phishing IQ (quiz) by Lee Koo (ADMIN)
I guess spotting phishing emails will become harder as the phisers start using better, more professional looking email templates.
A great way to avoid getting fooled by a phishing email is: use Mozilla products!
On my PC laptop I use Firefox with the SpoofStick extension, and ThunderBird for email.
FireFox also has excellent cookie controls and blocks pop-ups out of the box! No need to download suspect pop-up blocking tool bars, which might contain spyware.
SpoofStick ( http://www.corestreet.com/spoofstick/ ) shows you the domain name of the website you're visiting is indeed the one you meant to visit. With international domain names (IDN) you can create domain names which will show up in your browsers address bar as the real deal. Look at this convincing browser test: http://www.shmoo.com/idn/
ThunderBird does not run ANY scripts which might be embedded in an email. Furthermore, there is a setting where you can choose whether to load images in an email automatically or not. Spammers use a technique of encoding "your" spam identity into the image URLs. So, even if you don't click on a link in the spam email, but load the images, the spammers will know that your email address is valid. This increases the value of your email address to these scumbags.
One crucial feature of ThunderBird is that it shows you the true destination of a link in an email. Just hover you mouse pointer over the link, and then look in the bottom status area. The link will be shown in its true form.
Good luck and stay safe!
You'll still be phished
by Themisive - 6/24/05 2:33 PM In reply to: 10 out of 10 (get Tips and Tricks here) by orangehead911My son uses Mozilla, I use IE6, we both get phished. As far as the others are concerned, I have friends who tell me the regularly are phished using Firefox (they were told it was safe), and as for Thunderbird, the least said the better.
I think the test is bogus -- they were all frauds IMO
by Cadillac84 - 6/24/05 7:24 AM In reply to: Test your Phishing IQ (quiz) by Lee Koo (ADMIN)
Every example which the quiz said was legitimate is a replica of one which I have received and have NOT fallen for. The first question is, why should Bank of America need info from me if I don't even have one of their cards?
Earthlink is another one. I do have an Earthlink account and they do communicate by email. However, I have talked to the customer service people on the telephone as I read very, very legitimate looking emails from Earthlink. The bottom line? ''Please forward that message to fraud@earthlink.net -- we did not do that!''
Rule of thumb: IF IN DOUBT, INTENTIONALLY USE WRONG PASSWORD. Use the password ''uarafish'' and see if you get in. IF so, you have been phished.
Also, when you click the link in the email, you are sending your IP address, the MAC address of your modem or network card, your Intranet IP if you are on a LAN or home network, and you are verifying that the email address to which the spam/phish was mailed is a good address. Also, you have verified that you are an idiot who will click links in emails you get from unknown places.
IF you think the email is legitimate, for example from Earthlink about email, open a new browser window and type in www.springmail.com and then you will be directed to the https (secure) server for your area. Type in your email address and pw and log into your account and click on email preferences or whatever.
I ABSOLUTELY NEVER NEVER NEVER click links in email from any of these sources.
My score was low because I said every blessed one of them was a fraud -- and I think I'm more right than the surveyor.
No wonder so many people are getting phished. I quit having trouble with telemarketers long before the Nation Do Not Call Register was invented. It doesn't take them long to realize that if they call 555-meee, they're gonna get a rude sob that will tell them ''Not interested! (click)''
Phishing IQ Test
by dhporter - 6/24/05 7:35 AM In reply to: Test your Phishing IQ (quiz) by Lee Koo (ADMIN)
Folks, they are ALL phishing scams. There is no such thing as a legitimate unsolicited email offer. EVER!PERIOD! There are no exceptions to this rule.
The only legitimate email business transaction is one that YOU initiate with a known business, one that YOU initiated a relationship with, and even then it should NEVER be a response to an unsolicited email from them.
I got 70% but.......
by tersans - 6/24/05 7:49 AM In reply to: Test your Phishing IQ (quiz) by Lee Koo (ADMIN)
In taking the test one has to make assumption about each e-mail. In the three I missed I choose the correct answer for me because I did no have an account. Any e-mail that asks me to "log into my account" I automatically delete as log-ins can be potentially "caught" and you may be giving away some basic information away. My moto is If any (stress any)in doubt delete regardless.
50 to 100% right
by irdac - 6/24/05 7:52 AM In reply to: Test your Phishing IQ (quiz) by Lee Koo (ADMIN)
I rejected all but one of the legitimate ones as possible phishing. This is because I am extremely careful and follow the practice of replying only where necessary and only through known URLs I type in. This is what is recommended on all the comments on the samples. I get 2 or 3 paypal phishing attempts per week but I never use paypal so I am safe in deleting them unread.
PayPal
by Themisive - 6/24/05 2:36 PM In reply to: 50 to 100% right by irdacWhat happens if you've a verified Paypal account?
Test a bit unfair
by W3ZJ - 6/24/05 7:56 AM In reply to: Test your Phishing IQ (quiz) by Lee Koo (ADMIN)
I scored only 60% on the test however all of my incorrect answers were on the safe side. That is I suspected fraud rather than assuming legitimate.
In the real world I would do better because I would know whether or not I should be receiving an ad from these companies. For example I don't have a Chase credit card so there is no way that I would legitimately receive such an email from them. Also, with real email I would have an opportunity to investigate any links to insure that they pointed to the legitimate site. Since there was no opportunity to do that in this test I consider that my score was actually 100% correct.
| Forum legend: | |
 |
Locked thread |
 |
Moderator |
 |
CNET staff |
 |
Samsung staff |
 |
Norton Authorized Support team |
 |
AVG staff |
 |
Windows Outreach team |
 |
Dell staff |
 |
Intel staff |
