Foo - How good are you at detecting fakes?

Here's a good phishing test set up by McAfee to see how skilled you are at spotting scams online. take it and tell us how you did - be honest!

http://www.siteadvisor.com/quizzes/phishing_0707/

the trick is paying attention to detail

10/10

9 out of 10. Missed the last one.

8 of 10.

7/10.

It wasn't to hard, I just didn't understand the technical jargon.

6 of 10 and the 4 I missed were because I didn't answer either way because I don't paypal, shop Amazon, or bank online. I don't deal with AOL either...

9/10 here. Amazon one got me...it was pretty small details.

The others were more obvious, especially the ones that were obviously written by someone who wasn't fluent with the English language

"Because of unusual number of invalid login attempts on you account, we had belive that, their might be some security problem on you account. So we have dedicted to put an extra verification process"

NICE TRY NIGERIA!

Also, look at URLs... look for https instead of just http to indicate a secure site.

(10/10)

8/10

9/10. not bad.

9/10

The Amazon got me also.


"Also, look at URLs... look for https instead of just http to indicate a secure site."

That can be a clue, if its supposed to be a secure site, and the protocol indicates it isn't. But a phisher can create a fake "secure" site, so don't let that lull you into a false sense of security. The https indicates that the info exchanged with that site is encrypted to make it harder for snoops to intercept your passwords and other sensitive info. But the phisher on the other end of a fake "secure" site will still get what he wants.

http://en.wikipedia.org/wiki/HTTPS

8/10, Bank of America & Amazon. I use neither.

9/10 Amazon got me as well.

I think the best way to check, which works in every instance I've seen, is to look at the url. I get paypal phishing emails frequently, the first check is to see if the actual url is something like "http://n00bserver.net/thisisanauthenticloginsite/login.php"

And, while this again only works if you use a secure website frequently (like myself and paypal), often these fake sites will use an old layout of a website. Whenever there are password and other data fields, you can try just entering anything and seeing if it goes. Try entering a message into SSN or Credit Card #.

8/10
I remember reading the best way to figure out if a possibly fake page is trying to phish your password, is to enter any jibberish into the fields. A fake page will just record and accept anything. It's actually worked once when I was logged out of Myspace all the sudden; and a page popped up to log back in.

I put in some b.s. text and then the site went right back to where I was before. (my niece's profile, fyi).

The 'enter bs and see what happens' is actually a pretty good idea. I think a legit site will reject your nonsense, right? But a fake site, like you said, will just take whatever you put in and pretend like it is valid.

Not very good. I usually have to squeeze them.

Yes, a fake site will take anything you put in and then usually go back to what you were doing. So, you can put in a wrong password or any other information anytime you feel you're being scammed.

YOU ANSWERED 10 OF 10 QUESTIONS CORRECTLY
Rating: Safety Guru

9/10

I can't believe someone would enter all this stuff because of an unusual number of attempts. I would think that a person at the end of a 1-800 line would have to fix something, not you entering the numbers on the back of your card along with the account number!.

Bad kitty!

http://www.siteadvisor.com/quizzes/phishing_0707/quizzes/images/q7aLrg.jpg

5/10.. Man and I thought I was intrawebz savvy..

7/10

7/10, and not many people are going to able to spot those little problems on fake websites. Most of the links to them come from phishing emails, so avoiding them is the first step.

(9/10) the Paypal email.

9/10

Oops! I'm not telling my score but maybe I should not do anything over the internet.

10 for 10

Didn't really read all of any of them. The Capital One scam is the only one I had to look at a couple of times to make sure.

damn i thought this thread was going to be about breasts.

10/10

Not bad considering I've never seen most of those sites before :)

10/10. I'm the MAN! :lol:

... brad

10/10.

Suck on that, hax0rz. :p

9/10 the phishing about checking the name of the sender got me.

I always use that as a first check, along with the subject line to see if it's an email I want to look at more or not. Apparently when it said '1 way of checking' they meant if you do this your fine, don't bother checking any other way.

its not hard to spoof sender, so thats not too reliable.

its not hard to spoof sender, so thats not too reliable.

I'm aware, but its a decent first check along with reading the subject line to see if I actually want to open the email or not.

its not hard to spoof sender, so thats not too reliable.

Example, you can do it on web sites like this one: http://deadfake.com/

I'm aware, but its a decent first check along with reading the subject line to see if I actually want to open the email or not.

yeah I do that too.

Weirdest thing years ago, I got an email from myself that I didn't send :lol:

It was spam, somehow my hotmail address got onto some kind of list, and spammers used my address in their send fields. Then the idiots at hotmail closed my account, accused me of being a spammer. Apparently they didn't even bother to check if the spams were actually being sent from my account. This was during the first year of hotmail being offered.

yeah I do that too.

Weirdest thing years ago, I got an email from myself that I didn't send :lol:

It was spam, somehow my hotmail address got onto some kind of list, and spammers used my address in their send fields. Then the idiots at hotmail closed my account, accused me of being a spammer. Apparently they didn't even bother to check if the spams were actually being sent from my account. This was during the first year of hotmail being offered.

That's just awesome. We've considered sending out emails to everyone at the office mocking specific company wide pointless emails from a dummy name, but decided against it.

9/10, the sender name one.

However, I disagree with their answer. It's one good way out of a set of many ways.

It IS ridiculously easy to spoof, I could do it in about 30 seconds, but even then, I often see stuff like "Pay pal user acount upd8!" Seriously, if that's not a giveaway, I don't know what is.

10/10

But this is my job.

10/10 for me. The Amazon one was tricky, but I won't say why as that will make it easier for others.

9/10

I can't believe someone would enter all this stuff because of an unusual number of attempts. I would think that a person at the end of a 1-800 line would have to fix something, not you entering the numbers on the back of your card along with the account number!.

Bad kitty!

http://www.siteadvisor.com/quizzes/phishing_0707/quizzes/images/q7aLrg.jpg

Realizing that a large company like that would run spell before publishing something on a web site would have been another big giveaway. :p

Realizing that a large company like that would run spell before publishing something on a web site would have been another big giveaway. :p

+1 beeeelion

10/10

8/10, the myspace and paypal one's got me.