CyberAwareness4all | Phishing and Social Engineering

1. What is phishing?

a) A type of malware that encrypts files
b) A technique to trick people into revealing sensitive information
c) A method to improve internet speed
d) A type of firewall protection

2. Which of the following is a common sign of a phishing email?

a) Personalized greeting with your full name
b) Poor grammar and spelling mistakes
c) A legitimate-looking sender email address
d) Links to trusted websites

3. What is spear phishing?

a) A generic email sent to millions of users
b) A type of ransomware attack
c) A targeted attack on a specific individual or organization
d) A method to secure your email account

4. What should you do if you receive a suspicious email?

a) Click on the links to verify its authenticity
b) Forward it to your colleagues for advice
c) Report it to your IT department or email provider
d) Reply to the sender to ask for clarification

5. Which of the following is an example of social engineering?

a) Installing antivirus software
b) Encrypting sensitive data
c) Calling someone and pretending to be tech support to gain access to their computer
d) Using a VPN to browse the internet securely

6. What is the primary goal of phishing attacks?

a) To steal sensitive information like passwords or credit card numbers
b) To improve your computer's performance
c) To install legitimate software on your device
d) To increase your internet bandwidth

7. Which of the following is a red flag in a phishing email?

a) The email is from a trusted company you regularly interact with
b) The email contains a personalized message
c) The email has no attachments
d) The email asks you to verify your account immediately

8. What is vishing?

a) A type of phishing attack that uses voice calls
b) A method to secure your email account
c) A type of malware that spreads through USB drives
d) A technique to improve network security

9. What is a common tactic used in social engineering?

a) Offering free software updates
b) Sending encrypted emails
c) Creating a sense of urgency or fear
d) Providing detailed technical support

10. What should you do if you accidentally click on a phishing link?

a) Close the browser and forget about it
b) Immediately change your passwords and report the incident
c) Restart your computer
d) Take a screenshot and share it on social media

11. What is pretexting in social engineering?

a) Sending fake emails to trick people
b) Encrypting data to protect it from hackers
c) Using strong passwords to secure accounts
d) Creating a fabricated scenario to gain someone's trust

12. Which of the following is a safe practice to avoid phishing?

a) Clicking on links in unsolicited emails
b) Verifying the sender's email address before responding
c) Sharing your passwords with trusted colleagues
d) Using the same password for multiple accounts

13. What is smishing?

a) A phishing attack that uses SMS or text messages
b) A type of malware that spreads through social media
c) A method to secure your mobile device
d) A technique to improve email encryption

14. What is a common indicator of a phishing website?

a) A URL that starts with "https://"
b) A URL that contains misspellings or unusual characters
c) A website with a professional design
d) A website that loads quickly

15. What is baiting in social engineering?

a) Offering something enticing to trick someone into revealing information
b) Sending fake emails to gain access to accounts
c) Encrypting sensitive data to protect it
d) Using strong passwords to secure accounts

16. What is the best way to protect yourself from phishing attacks?

a) Use the same password for all accounts
b) Enable multi-factor authentication (MFA)
c) Share your passwords with trusted friends
d) Click on links in emails to verify their authenticity

17. What is whaling?

a) A phishing attack targeting high-profile individuals like CEOs
b) A type of malware that spreads through USB drives
c) A method to secure your email account
d) A technique to improve network security

18. What should you do if you receive a suspicious text message?

a) Reply to the message to verify its authenticity
b) Click on any links in the message
c) Delete the message and report it to your IT department
d) Forward the message to your friends

19. What is a common tactic used in vishing attacks?

a) Sending fake emails
b) Using social media to spread malware
c) Encrypting sensitive data
d) Pretending to be a trusted organization over the phone

20. What is the purpose of a phishing kit?

a) To help users identify phishing attacks
b) To provide tools for hackers to create fake websites
c) To encrypt sensitive data
d) To improve email security

21. What is a common indicator of a phishing email?

a) The email is from a trusted sender
b) The email has no attachments
c) The email contains a generic greeting like "Dear Customer"
d) The email is written in perfect grammar

22. What is tailgating in social engineering?

a) Physically following someone into a restricted area
b) Sending fake emails to gain access to accounts
c) Using strong passwords to secure accounts
d) Encrypting sensitive data

23. What is the best way to verify a suspicious email?

a) Click on the links in the email
c) Forward the email to your friends
d) Reply to the email asking for clarification
b) Contact the sender directly using a trusted method

24. What is a common goal of social engineering attacks?

a) To improve your computer's performance
b) To gain unauthorized access to systems or information
c) To install legitimate software on your device
d) To increase your internet bandwidth

25. What is a common tactic used in baiting attacks?

a) Offering free USB drives or gifts
b) Sending fake emails to gain access to accounts
c) Using strong passwords to secure accounts
d) Encrypting sensitive data

26. What is a common indicator of a phishing website?

a) The website has a padlock icon in the address bar
b) The website asks for sensitive information like passwords or credit card numbers
c) The website loads quickly
d) The website has a professional design

27. What is the best way to protect yourself from social engineering attacks?

a) Share your passwords with trusted colleagues
b) Use the same password for all accounts
c) Click on links in emails to verify their authenticity
d) Be skeptical of unsolicited requests for information

28. What is a common tactic used in pretexting attacks?

a) Creating a fabricated scenario to gain someone's trust
b) Sending fake emails to gain access to accounts
c) Using strong passwords to secure accounts
d) Encrypting sensitive data

29. What is a common indicator of a phishing email?

a) The email is from a trusted sender
b) The email has no attachments
c) The email contains a sense of urgency or fear
d) The email is written in perfect grammar

30. What is the best way to protect yourself from phishing attacks?

a) Use the same password for all accounts
b) Enable multi-factor authentication (MFA)
c) Share your passwords with trusted friends
d) Click on links in emails to verify their authenticity