Phishing quiz

A Google offshoot is trying to teach people to be more circumspect about phishing attempts.

Jigsaw, an incubator owned by Google parent company Alphabet, has released an online quiz that displays examples of phishing emails side by side with legitimate ones and asks users to guess which is which. The quiz uses real-world phishing campaigns, including the Russian hack that gained access to the email account of John Podesta, Hillary Clinton’s 2016 campaign manager.

“We created this quiz based on the security trainings we’ve held with nearly 10,000 journalists, activists, and political leaders around the world from Ukraine to Syria to Ecuador. We’ve studied the latest techniques attackers use, and designed the quiz to teach people how to spot them,” wrote Jigsaw product manager Justin Henck in a blog announcement.

While the developers at Jigsaw describe the importance of training users to spot tell-tale signs of fraudulent emails, they stress the need for 2-Factor authentication as the front line against phishing.

“The best protection against phishing is two-factor authentication. When you have two-factor authentication enabled, even if an attacker successfully steals your password they won’t be able to access your account,” wrote Henck.

Take the quiz here.