Presentation is loading. Please wait.

Presentation is loading. Please wait.

Take the Quiz and find out more!

Published byChristopher Allen Modified over 6 years ago

Similar presentations

Presentation on theme: "Take the Quiz and find out more!"— Presentation transcript:

1 Take the Quiz and find out more!
Spot the Phish Quiz Take the Quiz and find out more!

2 About the Quiz Start Quiz INTERNAL
You receive s from banks, e-commerce vendors and other organizations each day. Unfortunately, cyber criminals also send out fake s that look like they are from credible senders with the intention of stealing your valuable information. By clicking on a malicious link, downloading an infected file or visiting a suspicious website, you may have given cyber crimnals access to your information without even knowing it. So, how can you tell the difference between a real and a fake ? Take the quiz and find out more We have collected a set of examples at BASF to help you test your ability to identify a phishing scam. Please note that this quiz is just an exercise. It does not contain any factual information. it has been developed for internal training purposes in order to enable BASF employees to better identify phishing mails. To begin, start the presentation mode in PowerPoint. Then, click the "Start Quiz" button below. Each example will be displayed one at a time on a slide. You decide if the is a "Phish" or “Real." After each example, you will find out the correct answer and"why“ an was a phishing mail or a real one. Good Luck! Start Quiz INTERNAL

3 Example 1 Real or fake? Real Fake INTERNAL

4 Example 1: Malicious attachment in email What’s phishy about this email?
Sender seems to be an important authority Fake! Example of spelling & grammar errors Request to open the attachment Reference to a specific tax transaction An „executable“ file as the tax transaction report x Real ü Fake INTERNAL

5 Example 2 Real or fake? Real Fake INTERNAL
You are sent an with a link from your bank to update your bank account details. The link takes you to this site: Real Fake INTERNAL

6 Example 2: Link to a fake website What’s phishy about this email?
How to identify the domain Read from left to right from the first single “/” until the second period of a URL. (Here the domain: „banksofamerica-wellsfargo.com“) Illegitimate domain Fake! Request to log into your bank account x Real ü Fake INTERNAL

7 Example 3 Real or fake? Real Fake INTERNAL

8 Example 3: Trustworthy link and URL What’s phishy about this email?
General request to change passwords without links Real! Legitimate sender Correct contact signature Legitimate Domain ü x Real Fake INTERNAL

9 Example 4 Real or fake? Real Fake INTERNAL

10 Example 4: Malicious attachment in email What’s phishy about this email?
Mismatch between sender and the content of the Fake! Time pressure imposed through provision of a deadline Reference to a specific transaction Serious consequences if no action is taken Indirect request to open the attachment x Real ü Fake „.zip“ file as a report Unknown contact with missing contact details INTERNAL

11 Example 5 Real or fake? Real Fake INTERNAL

12 Example 5: Suspicious, unknown sender What’s phishy about this email?
False, non-BASF account = „Outlock“? The sender pretends to own a BASF account by entering a fake address in cc. How? The „I“ in „“Stefanie“ is really an „L“ Fake! Authoritative pressure from HR Manager. Time pressure imposed through provision of a deadline Request for sensitive information Example of spelling & grammar errors This is a case of Spearphishing , i.e. a phishing scam targeting specific individuals or groups. A spearphishing may include personal contact details and other information that can fool a recipient into believing that the was sent by a legitimate sender. x Real ü Fake Incorrect BASF signature missing contact details INTERNAL

13 Congratulations! You have completed the quiz!
Remember: If you receive a suspicious from an unknown sender or an that may have a malicious link or attachment, then do not click on the link or open the attachment. Please report it by clicking on the Phishing Button in Outlook. If you become a victim of a phishing scam: Inform your supervisor and Information Protection Officer. Further, if you may have unintentionally released information as a result of a scam or phishing mail, please take measures to notify your supervisor and other affected parties. Checklist: What indicates a suspicious ? Mismatch between the name of the sender and the content of the Links to unknown websites Unsolicited request for sensitive information Unsolicited attachments that you are asked to view or update Spelling and grammatical errors Unrealistic story – “too good to be true” Pressure to answer questions (e.g. time or authoritative pressure) Reference made to orders, deliveries or outstanding bills INTERNAL

14

Download ppt "Take the Quiz and find out more!"

Similar presentations

What Are Scams? Scams are designed to trick you into giving away your money or your personal details. Scams come to you in many forms – by mail, email,

What Are Scams? Scams are designed to trick you into giving away your money or your personal details. Scams come to you in many forms – by mail, ,
Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via

What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via
What is identity theft, and how can you protect yourself from it?

What is identity theft, and how can you protect yourself from it?
SECURITY AND SOCIAL ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say.

SECURITY AND SOCIAL ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say.
A few simple steps, hints and tips to figure out if it is indeed fake. - By Emily Breuss.

A few simple steps, hints and tips to figure out if it is indeed fake. - By Emily Breuss.
Jason Rich CIS - 158 1.  The purpose of this project is to inform the audience about the act of phishing. Phishing is when fake websites are created.

Jason Rich CIS  The purpose of this project is to inform the audience about the act of phishing. Phishing is when fake websites are created.
Phishing (pronounced “fishing”) is the process of sending e-mail messages to lure Internet users into revealing personal information such as credit card.

Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.
Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.

Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.
Teach a man (person) to Phish Recognizing email scams, spams and other personal security attacks July 17 th, 2013 High Tea at IT, Summer, 2013.

Teach a man (person) to Phish Recognizing scams, spams and other personal security attacks July 17 th, 2013 High Tea at IT, Summer, 2013.
BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 

BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 
DIGITAL CITIZENSHIP 6 TH – 8 TH UNIT 1 LESSON 3 SCAMS & SCHEMES What is identity theft, and how can you protect yourself from it?

DIGITAL CITIZENSHIP 6 TH – 8 TH UNIT 1 LESSON 3 SCAMS & SCHEMES What is identity theft, and how can you protect yourself from it?
Oracle Method | Group Delivery Together. Free your energies New Supplier Registration.

Oracle Method | Group Delivery Together. Free your energies New Supplier Registration.
ICT Essential Skills. Email (electronic mail) Snail Mail.

ICT Essential Skills. (electronic mail) Snail Mail.
Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.

Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.
Social Engineering Training. Why Social Engineering Training? The Department of Energy (DOE) authorized the Red Team to perform vulnerability assessments.

Social Engineering Training. Why Social Engineering Training? The Department of Energy (DOE) authorized the Red Team to perform vulnerability assessments.
PHISHING AND SPAM EMAIL INTRODUCTION There’s a good chance that in the past week you have received at least one email that pretends to be from your bank,

PHISHING AND SPAM INTRODUCTION There’s a good chance that in the past week you have received at least one that pretends to be from your bank,
Keeping Information Safe Task 4. Basic security measures Passwords Change password on regular basis Do not use names or words easily linked to yourself.

Keeping Information Safe Task 4. Basic security measures Passwords Change password on regular basis Do not use names or words easily linked to yourself.
WEB SPOOFING by Miguel and Ngan. Content Web Spoofing Demo What is Web Spoofing How the attack works Different types of web spoofing How to spot a spoofed.

WEB SPOOFING by Miguel and Ngan. Content Web Spoofing Demo What is Web Spoofing How the attack works Different types of web spoofing How to spot a spoofed.
Scams & Schemes Common Sense Media.

Scams & Schemes Common Sense Media.

Similar presentations

Ads by Google