Register New Player
Welcome to our world of fun trivia quizzes and quiz games:
A Phishing Expedition
"Almost everybody on the Internet has received phishing emails -- attempts by scam artists to get our personal and financial information by pretending to represent banks, retailers, and other legitimate sites. Let's take a look at what's really going on."
15 Points Per Correct Answer - No time limit
For the most part, phishing attacks arrive in email inboxes and instant messenger windows -- but despite their technical trappings, their method represents a very old category of fraud. Which of these terms best describes how phishing works?
Denial of service
"Phishing" is an odd-looking word, but its origins aren't very mysterious. The perpetrators of these attacks are fishing for sensitive information and account logons, and substituting a "ph" for a good, honest "f" is classic hacker lingo. That "ph" substitution came from phone phreaking, a popular hacker pastime in the 1980s. What did phone phreaking entail?
Hacking telephone services to make free calls
Getting access to unlisted telephone numbers
Destroying telephone-company infrastructure
Making prank telephone calls to authority figures
A phisher has a number of tricks available for making the URL of a phony website look like the URL of a legitimate one. For example, you might receive an email that urgently directs you to click on a link like www.YourBank.phish.com. Can you be sure that this URL belongs to YourBank?
Yes. If 'YourBank' appears anywhere in the URL, it must point to YourBank.
No. It points to a page on phish.com, not on YourBank.com.
Yes. No phisher would be permitted to register a .com URL.
No. Without an http:// in front, you can't tell where it points.
Another phishing trick is to exploit the fact that, in many English fonts, different characters can look very similar -- so a link in an e-mail might look legitimate even though it's slightly misspelled. Which of these is NOT a source of confusion in many English computer fonts?
If you type a lower-case V next to a lower-case V, it looks like a lower-case W.
If you type a lower-case O next to a lower-case O, it looks like the number 8.
The upper-case letter O looks like the number 0.
The lower-case letter L looks like the number 1 or the upper-case letter I.
Here's another type of phishing misdirection: the link that's an outright lie! Suppose you receive an email, purporting to be from Legitimate Bank, that gives a hyperlink for you to click on: http://www.LegitimateBank.com. The displayed address looks good - but when you click on it, you're taken straight to http://www.EvilLaughter.com. What's the most likely explanation for this?
You clicked on the wrong part of the hyperlink.
The LegitimateBank.com webpage has been hijacked to redirect you.
The displayed text for the hyperlink doesn't match the place it links to.
Your internet service provider has been bribed to take you to the wrong place.
Sometimes, you can spot a phishing site by its security -- or lack thereof. A Secure Socket Layer (SSL) connection is supposed to give you some confidence that you're communicating with the site you expect. Which of these is a way of initiating an SSL connection?
Switching to a new Ethernet cable
Typing https:// in front of the site address
Opening the site in a fresh tab
Flipping the security switch on your Ethernet or wireless card
You can always tell when you're being phished, because the look and feel of a legitimate website are very hard for a phisher to duplicate.
Most phishers cast a wide net, sending their emails to millions of randomly chosen potential victims. Most of these emails have no chance of success, since most recipients have no business with the company the phisher is spoofing. But some phishers take a more targeted approach. Which of these phrases refers to phishing attacks that are tailored to a particular person or group of people?
Banking sites may be the most appealing targets for a phisher, but other sites -- like online stores, forums, and e-mail providers -- can also provide an attacker with a useful prize. What sort of information is a phisher LEAST likely to gain from a successful phishing attack on, say, an account at an online retailer?
The user's signature
The user's contact and identification information
The user's login information
The user's saved credit cards or other payment information
Let's say that I sit down at my computer to find an urgent e-mail. It says it's from my bank, and that there's been suspicious activity on my debit card, so my account has been temporarily de-activated. For security, I need to click on the provided link and verify my account information.
Which of the following should I NOT do in this situation?
Click on the provided link
Visit the bank's local branch and speak with a teller
Call the phone number on the back of my card
Access my bank website using a search engine or a bookmark
Copyright, FunTrivia.com. All Rights Reserved.
Legal / Conditions of Use
Compiled May 23 13