One of the best security defenses in protecting your online accounts and your password is being able to spot and recognize a phishing email (or the nefarious new “smishing” scams). With phishing attacks disguised in billions of emails every year, according to Google, and millions of people clicking the malicious links in these messages each day, the threat is real. Thankfully, Google has designed a quiz to help educate internet users on how to spot these messages to avoid becoming a victim of phishing.
Be sure to take Google’s phishing quiz and log on with your Google account to learn more about how to identify a phishing attack from a normal email message.
When a hacker or a malicious actor sends a phishing email, their intent is to steal your login, password, or lure you into divulging personal or sensitive information. These messages can ask for your information within the body, or compel you to click on a malicious link that will download malware onto your computer to log your keystrokes as you’re typing.
“We created this quiz based on the security trainings we’ve held with nearly 10,000 journalists, activists, and political leaders around the world from Ukraine to Syria to Ecuador,” Google lead product manager Justin Henck wrote in a blog post announcing the phishing quiz. “We’ve studied the latest techniques attackers use and designed the quiz to teach people how to spot them.”
Citing highly publicized phishing attacks, like the spear-phishing email sent to former presidential candidate Hillary Clinton’s campaign manager John Podesta, Henck noted that the best way to safeguard your account against phishing is by using multi-factor authentication. In Podesta’s case, because he didn’t have two-factor authentication on his account, hackers were able to use the login credentials gained through the spear-phishing campaign to access his email. If you haven’t set up multi-factor authentication on your email, Facebook, or Twitter accounts, be sure to read our guide on how to do so. Additionally, to prevent phishing, Google also gave its employees USB security keys to protect their accounts.
A good second line of defense is being able to recognize phishing emails, so be sure to take the phishing quiz.