Recognizing emails designed to steal your password or encourage you to install malware is perhaps the most important cybersecurity skill.
People fall for phishing emails every day. In fact, phishing was involved in 70% of breaches last year, according to the Verizon Data Breach Investigations Report. And despite awareness efforts, phishing still works. According to the internet security company Cofense, nearly 11% of people who receive a phishing email fall for it.
Jigsaw, a subsidiary of Alphabet, has just launched a quiz to teach users how to detect phishing emails.
The quiz contains eight examples of potentially malicious emails, all inspired by real phishing emails that Google has seen in the wild.
There's even an example inspired by the emails that tricked Hillary Clinton's campaign manager and veteran Republican politician Colin Powell into giving their passwords to Russian hackers.
As an experienced cybersecurity journalist, I like to believe that my paranoia levels are quite high and that I should therefore be good enough to detect phishing emails. But even I was not perfect: I correctly identified seven of the eight emails.
For people who are not as well trained and accustomed to being vigilant as I am, this quiz is a very good opportunity to learn. After each answer, the quiz explains the signs to check to determine whether the email was legitimate or malicious.
And congratulations to Jigsaw for including an example inspired by a Google snafu, in which the company sent a confusing Gmail security alert that looked like a phishing attempt, as well as one inspired by a huge Google Doc phishing worm that hit about one million users.