How much do you know about phishing?
According to Beaming’s research, 29% of SMEs fell victim to phishing last year, making it by far the most likely route of entry for cyber crime against your business.
Take the quiz below to see how much you know about phishing, once you’ve finished you can share with colleagues and compare scores.
Well done, it looks like you’re pretty cyber savvy. Make sure you keep that knowledge up to date by subscribing to our cyber threat report.
Subscribe to the Cyber Threat Report
It looks like you still have a couple of things to learn about phishing. Don’t worry; Fill in your details below to download our Business Guide to Phishing and you’ll soon have the knowledge you need. You can scroll thorugh your answers below to see the correct responses with an explanation.
Download the Business Guide to Phishing
#1. Which of these is most likely an example of “whaling”?
Whaling is a phishing attempt targeting the “big fish” in a business, such as the CEO or CFO.
#2. You receive an email from HR that says the notes from your recent appraisal are attached. You haven’t had an appraisal recently but a colleague has. What do you do?
Scammers may try to spark your curiosity in order to get you to open a link that will download malware to your device.
#3. Someone claiming to be your internet service provider phones to say they think you’ve been hacked. They want you to allow them remote access to your PC to fix the problem.
Cyber attackers may pose as an “authority figure” you trust in order to gain access to your systems. This is a common type of attack because it also takes advantage of many people’s fear of technology. With a handful of very popular ISPs in the UK, it’s easy for scammers to take a stab at which ISP provides your connectivity to give legitimacy to their request.
#4. Which of these is a phishing email unlikely to do?
Just opening an email won’t run malware, so it’s a cyber criminals “job” to make you carry out an action such as downloading an attachment or clicking on a link.
#5. Which of these is an example of smishing?
Smishing is “SMS phishing”.
#6. You’ve been emailing back and forth with a new supplier, Smith’s Stationery and the time has come to pay their invoice. How do you proceed?
The bank won’t be able to give you the company’s details, but you should check verbally with the business that you have the correct details; scammers can infiltrate an email thread so even if you sent the first email you may not necessarily be safe. It’s always best to check!
#7. Which of these is a way to help prevent being phished?
All of these are ways to protect against phishing.
#8. What kind of data is the least likely target of a phishing attack?
Your clothing size is probably not of interest to cyber criminals.
#9. You’ve received the email above, you know you shouldn’t click that link, but what action should you take?
Some email providers encourage you to send them spam emails that made it through their filters so they can improve their services, but don’t send a phishing email to any address besides the one they provide for this purpose. Even if you’re forwarding a phishing email as a warning you’re increasing the risk of someone else falling victim. Press shift delete to permanently delete the email and then warn people verbally if you’d like to.
#10. Your “digital footprint” consists of information about yourself or your business that you’ve made available (knowingly or not) online. Which part of your digital footprint is least likely to be used to engineer a phishing attack?
Although cookies stored by a website are part of your digital footprint, they can’t be used to identify you personally and are not widely available so are very unlikely to be used for phishing.