Phishing attacks are one of the most common threats to internet users' security.
So Google wants to help prevent you from getting duped by hackers with a new phishing quiz developed by Jigsaw, the company's tech incubator.
The eight-question quiz takes users through a number of phishing scenarios and tests whether they can tell when a hypothetical attack is real or not.
Scroll down for video
Google's tech incubator, Jigsaw, created a quiz that takes users through a number of phishing scenarios and tests whether or not they can tell when a hypothetical attack is real or not
'Every day millions of people click on bogus links in phishing emails - messages designed to steal your password or make you download malware,' Jigsaw explained in a blog post.
'That's why we created a quiz that helps you learn to better spot phishing emails, complete with the latest tricks and techniques.'
Jigsaw said it created the quiz based on real phishing attempts and by studying the 'latest techniques' deployed by hackers.
After users sign up with their name and email - neither of which has to be real - they're shown a series of phishing examples.
For each slide, users can choose between two buttons - 'Phishing' or 'Legitimate,' if they believe the email is real.
Google will then tell you if your selection is correct or incorrect.
Jigsaw, Google's tech incubator unit, said it created the quiz based on real examples of phishing attempts and by studying the 'latest techniques' deployed by attackers
Users can take the quiz multiple times and share their results with others. Jigsaw said it developed the quiz because phishing emails trick millions of internet users each day
It'll also tell users why the email was legitimate or fake using a series of pop-ups on the screen.
In cases where it was a phishing email, many of the same tactics were used several times.
For example, hypothetical hackers might hide a phishing link in an email directing users to a malicious version of Google Drive.
Users can tell that it's a phishing attack by noticing that the link starts with 'htt,' instead of 'https.'
It also linked out to a site with the URL 'drive--google.com,' which is incorrect.
For each slide, users can choose between two buttons - 'Phishing' or 'Legitimate,' if they believe the email is real. Google will then tell you if your selection is correct or incorrect
Each slide will also tell users why the email was legitimate or fake using a series of pop-ups on the screen. In cases where it was a phishing email, the same tactics were used several times
For example, hackers might hide a phishing link in an email directing users to a malicious version of Google Drive. It links out to the URL 'drive--google.com,' which is incorrect
In another case, the sender's email address may look strange upon closer inspection.
One question in the quiz tells the user that they've received a new fax message.
But if users look at the email address, it's from 'efacks.com,' instead of 'efax.com.'
Actual hackers employ this trick all the time, subtly spelling the sender's email or the URL incorrectly so that users mistake it as the real thing.
Email services such as Gmail are increasingly able to detect these emails before they hit your inbox, thanks to technology like machine learning.
But hackers have gotten more sophisticated in recent years, which requires internet users to be more careful when they click on a link in an email or download an attachment.
One question in the quiz tells the user that they've received a new fax message. But if users look at the email address, it's from 'efacks.com,' instead of 'efax.com'
Almost anyone can fall prey to a phishing email - as illustrated by the fact that this Dailymail.com reporter only got 6 out 8 questions correct on the quiz.
Jigsaw even used real phishing scenarios to help it formulate examples for the test.
In 2016, John Podesta, Hillary Clinton's campaign manager, received a phishing email from Russian hackers that gave them access to his email account.
One example also takes after a real phishing attack that hit Google in 2017, when nearly 1 million users unknowingly clicked a link in an email that sent them to a malicious Google Doc site.
To protect from incidents such as these in the future, Jigsaw recommends that users have two-factor authentication enabled, which requires users to enter a password and a secure verification code each time they login.
What is 'phishing' and how do you avoid getting scammed?
Phishing involves cyber-criminals attempting to steal personal information such as online passwords, bank details or money from an unsuspecting victim.
Very often, the criminal will use an email, phone call or even a fake website pretending to be from a reputable company.
The criminals can use personal details to complete profiles on a victim which can be sold on the dark web.
Cyber criminals will use emails in an effort to elicit personal information from victims in order to commit fraud or infect the user's computer for nefarious purposes
Some phishing attempts involve criminals sending out infected files in emails in order to take control of a victim's computer.
Any from of social media or electronic communication can form part of a phishing attempt.
Action Fraud warn that you should never assume an incoming message is from a genuine company - especially if it asks for a payment or wants you to log on to an online account.
Banks and other financial institutions will never email looking for passwords or other sensitive information.
An effected spam filter should protect from most of the malicious messages, although the user should never call the number at the bottom of a suspicious email or follow their link.
Experts advise that customers should call the organisation directly to see if the attempted communication was genuine.
According to Action Fraud: 'Phishing emails encourage you to visit the bogus websites.
'They usually come with an important-sounding excuse for you to act on the email, such as telling you your bank details have been compromised, or claim they’re from a business or agency and you’re entitled to a refund, rebate, reward or discount.
'The email tells you to follow a link to enter crucial information such as login details, personal information, bank account details or anything else that can be used to defraud you.
'Alternatively, the phishing email may try to encourage you to download an attachment. The email claims it’s something useful, such as a coupon to be used for a discount, a form to fill in to claim a tax rebate, or a piece of software to add security to your phone or computer.
'In reality, it’s a virus that infects your phone or computer with malware, which is designed to steal any personal or banking details you’ve saved or hold your device to ransom to get you to pay a fee.'
https://textbacklinkexchanges.com/category/the-sun-world/
https://textbacklinkexchanges.com/are-you-too-smart-to-fall-for-an-online-scam-google-quiz-tests-if-users-can-spot-phishing-emails-2/
News Photo Are YOU too smart to fall for an online scam? Google quiz tests if users can spot phishing emails
Advertising
You don’t have to pack away your bikini just because you’re the wrong side of 20. These body-beautiful stars reveal their secrets to staying in shape and prove you can smoulder in a two-piece, whatever your age. Read on and be bikini inspired!
Kim says: “I am no super-thin Hollywood actress. I am built for men who like women to look like women.”
https://cdn-images-1.medium.com/max/1200/1*peEuZxwlwelFX2TFSwJAJQ.gif
Комментариев нет:
Отправить комментарий