Quiz Answer Key and Fun Facts
1. For the most part, phishing attacks arrive in email inboxes and instant messenger windows -- but despite their technical trappings, their method represents a very old category of fraud. Which of these terms best describes how phishing works?
2. "Phishing" is an odd-looking word, but its origins aren't very mysterious. The perpetrators of these attacks are fishing for sensitive information and account logons, and substituting a "ph" for a good, honest "f" is classic hacker lingo. That "ph" substitution came from phone phreaking, a popular hacker pastime in the 1980s. What did phone phreaking entail?
3. A phisher has a number of tricks available for making the URL of a phony website look like the URL of a legitimate one. For example, you might receive an email that urgently directs you to click on a link like www.YourBank.phish.com. Can you be sure that this URL belongs to YourBank?
4. Another phishing trick is to exploit the fact that, in many English fonts, different characters can look very similar -- so a link in an e-mail might look legitimate even though it's slightly misspelled. Which of these is NOT a source of confusion in many English computer fonts?
5. Here's another type of phishing misdirection: the link that's an outright lie! Suppose you receive an email, purporting to be from Legitimate Bank, that gives a hyperlink for you to click on: http://www.LegitimateBank.com. The displayed address looks good - but when you click on it, you're taken straight to http://www.EvilLaughter.com. What's the most likely explanation for this?
6. Sometimes, you can spot a phishing site by its security -- or lack thereof. A Secure Sockets Layer (SSL) connection is supposed to give you some confidence that you're communicating with the site you expect. Which of these is a way of initiating an SSL connection?
7. You can always tell when you're being phished, because the look and feel of a legitimate website are very hard for a phisher to duplicate.
8. Most phishers cast a wide net, sending their emails to millions of randomly chosen potential victims. Most of these emails have no chance of success, since most recipients have no business with the company the phisher is spoofing. But some phishers take a more targeted approach. Which of these phrases refers to phishing attacks that are tailored to a particular person or group of people?
9. Banking sites may be the most appealing targets for a phisher, but other sites -- like online stores, forums, and e-mail providers -- can also provide an attacker with a useful prize. What sort of information is a phisher LEAST likely to gain from a successful phishing attack on, say, an account at an online retailer?
10. Let's say that I sit down at my computer to find an urgent e-mail. It says it's from my bank, and that there's been suspicious activity on my debit card, so my account has been temporarily de-activated. For security, I need to click on the provided link and verify my account information.
Which of the following should I NOT do in this situation?
Source: Author CellarDoor
This quiz was reviewed by FunTrivia editor gtho4 before going online.