Phishing--trying to trick someone into providing their username and password to a malicious site--is the most common form of cyberattack, according to Justin Henck, product manager at Jigsaw, formerly named Google Ideas. With that in mind, Jigsaw is providing an 8-question online quiz about spotting a phishing email before you give hackers access to your accounts. It's not as easy as you'd think, but the quiz will teach you to be better at it.
If you ever got an email claiming to be from a foreign royal family member who needs to park some money in an American bank account, I bet you knew better than to reply with your account number. But what about an email that appears to contain photos from your child's school? Or--an email I received just today--a PDF about business account services that seemed to come from American Express?
If you've fallen for phishing in the past, don't be ashamed--almost everyone does some time or other. In my early days on Twitter, someone I knew sent a direct message with what seemed to be a link to a photo and the line "LOL is this you?" I clicked on it and then entered my Twitter password. A day or two later, my Twitter followers started reporting that my account had been sending them porn. My husband had it even worse. He once downloaded a document that seemed to come from someone he knew and--after popping up a mocking message--it promptly erased his entire hard drive.
To help protect users from phishing attacks, Jigsaw has created a quiz only eight questions long that will let you test your ability to distinguish real emails from phishing ones and help you learn to spot the differences. "It's not always as easy as it looks -- attackers have become more sophisticated at making their phishing attempts seem legit," Henck writes in a Medium post. The quiz was designed to take into account the latest and most sophisticated phishing techniques, and is based on security training with more than 10,000 journalists, activists, and politicians around the world.