1) What is the most common goal of a phishing attack? a) To improve your internet speed b) To install helpful software on your device c) To steal personal or financial information d) To send you free gifts 2) What is 'Vishing'? a) Fake emails targeting specific individuals with personalized information b) Fraudulent phone calls pretending to be from trusted organizations c) Phishing scams sent via SMS/text messages d) Copying a legitimate email and resending it with malicious links 3) Why are QR code phishing scams increasing in 2025? a) They only work for payments b) They are outdated and unused c) People trust QR codes without checking the source d) QR codes are impossible to fake 4) What should you do if you accidentally click a phishing link? a) Enter your details quickly b) Ignore it if nothing bad happens c) Disconnect from the internet and run a malware scan d) Share it on social media 5) Which is NOT a sign of a malicious QR code? a) It’s printed on a public poster b) It redirects to a login page c) It shows a preview URL when scanned d) It’s embedded in a PDF 6) What is the best way to protect yourself from phishing? a) Using strong, unique passwords b) Sharing passwords with family members c) Enabling multi-factor authentication (MFA) d) Clicking on links to "verify" your account 7) What is 'Smishing'? a) Copying a legitimate email and resending it with malicious links b) Phishing scams sent via SMS/text messages c) Fraudulent phone calls pretending to be from trusted organizations d) Fake emails targeting specific individuals with personalized information 8) What is 'Clone Phishing'? a) Copying a legitimate email and resending it with malicious links b) Fake emails targeting specific individuals with personalized information c) Attacks focused on high-profile executives or senior management d) Fraudulent phone calls pretending to be from trusted organizations 9) A text message claims your bank account is locked and provides a link to "unlock" it. Which THREE of these should make you suspect it's phishing? (3 out of 5) a) It includes your bank's correct phone number b) The URL shows "secure-banklogin.com" instead of your bank's real domai c) The sender's number starts with the same area code as you d) The message uses threatening language like "Immediate action required" e) You didn't initiate any recent banking activity 10) A university "research portal" (univ-research[.]edu) requires signing in with your institutional email. The page has a valid TLS certificate and no typos. How can you check its legitimacy? a) Look for HTTPS b) Check the domain’s registration date c) Enter fake credentials first d) Trust it—certificates are secure

Phishing

Print
Embed

Leaderboard

Visual style

Options

Switch template

Continue editing: ?