BECOME A Cyber

FIGHT
ONLINE FRAUDS

Choose your avatar, your nickname and age group
(Use a nickname with a minimum length of 4 chars!)

Choose the correct answers (2 out of 3 are correct).
You receive this SMS that mentions your bank. What do you do?

I immediately click to verify my card before it gets blocked.

I call my bank to find out if this SMS was actually sent by them.

I block the sender’s number. It's a scam!

Correct

You’re right!
You intercepted a smishing attempt, which is phishing via SMS. You've taken a step forward on your CyberNinja path.

Wrong answer

Sorry, wrong answer!
This is a typical example of smishing, which is phishing via SMS.
What’s the best way to identify this kind of phishing attack? In this example, the URL in the SMS uses the HTTP protocol and not the more secure HTTPS.

In the email below there are 5 elements that reveal it is actually phishing. Which are they?

The sender name, email address, and courier mentioned in the content (Express) are not related to each other.

There is no courier called Express.

The message pressures the recipient and tries to catch their attention by using a lot of emojis.

It is written in strange English and is full of mistakes.

The ID in the subject is different from the one in the content of the email.

The button you're supposed to click on is purple, a rarely used color.

Correct

You’re right!
You've found all the hallmarks of an email phishing attempt. It's not easy to fool you!

Wrong answer

Sorry, wrong answer!
Here are the 5 elements that should have caught your attention: The sender’s name, email address, and courier mentioned in the content (Express) are not related to each other; There is no courier called Express; The message pressures the recipient and tries to catch their attention by using a lot of emojis; It is written in strange English with several mistakes; The ID in the subject is different from the one in the content of the email.

Find the correct answer.
What is spear phishing?

Correct

You’re right!
You hit the target.
Spear phishing is a type of phishing that targets a specific company or person through personalized messages (such as emails).

Wrong answer

Sorry, wrong answer!
Spear phishing is a type of phishing that targets a specific company or person through personalized messages (such as emails). Messages often include the first name and surname of the victim and sometimes come from senders who pretend to be someone the victim knows (for example, a colleague, a friend, a company with which they have had a previous business relationship, and so on). What’s the best way to uncover a spear phishing attempt? Always check the sender’s email address. If you don't know the sender, you must be cautious!

Find the correct answer.
Through a post on a social network, you discover that one of your favorite e-commerce sites has really interesting offers for a limited time period. You click and are directed to the site, but you want to make sure it really is the e-commerce site you know and not a scam. What do you do?

Correct

Correct!
Cybercriminals can build sites that look absolutely identical to those they want to imitate, but they can't falsify the URL. No disguise can get past you!

Wrong answer

Sorry, wrong answer!
The only thing that cybercriminals cannot counterfeit is the site address (the URL), which even on the most accurate scam site can never be the same as the original. Be careful though, it could be very similar!

Find the 3 correct answers.
Someone you don’t know wants to connect with you on your social media account. Which warning signs should make you suspicious?

You and this person have no friends in common, even though they say you're both from the same city.

They make a lot of spelling and grammar mistakes.

As a profile image they have a picture of a pet and not a person.

Their profile was only created a few days ago or has very few contacts.

Correct

Correct!
No enemy can get past your watchful eye. An account with very low or recent activity, with no common friends, claiming to live in the same area, using strange English, full of mistakes, and whose profile is new or with very few contacts is definitely suspicious.

Wrong answer

Sorry, wrong answer!
It's probably a social media scam created to steal the personal data of the victim or to extort money through deception. Fake social profiles designed for the purpose of scamming, can be detected thanks to some distinctive signs. For example: They have usually been created recently or have very few contacts. They claim to live in from your area, but there is no one you know among their contacts. When chatting, they make several spelling and grammar mistakes, and use the language in a strange way, as if they were using a machine translator.

Find the correct answer.
Which of the following URLs leads to a malicious site?

Correct

Correct!
You never lose focus, just like a real ninja! The search engine in question uses the HTTPS protocol, which increases the security and privacy of users who browse the web. In the address bar of some browsers, such as Chrome or Edge, you can see a padlock indicating that the website you’re visiting uses the HTTPS protocol.

Wrong answer

Sorry, wrong answer!
The third option ("http://www.gooogle.com") uses the HTTP protocol, which is now considered unsafe. Also, there is an extra "o"! All the others are legitimate domains related to different countries.
Regarding the HTTPS protocol, when a site uses it, on some browsers, like Chrome or Edge, you can see a padlock in the address bar. Also, if you click on the padlock and then click on "Details", you can get further useful information, for example, if the identity of the site has been verified or not.

Click on the correct image.
Which one of these two emails is authentic?

A

Nickname

Correct!
Your eyes are always open. The second email contains a contradiction between the subject and content and the email address is clearly odd. The text is also full of mistakes.

Next

B

Nickname

Sorry, wrong answer!
This is a phishing email. There are certain elements that should make you suspicious: It offers a gift; The email address and sender's name are odd and/or not linked to each other; The subject and content of the email are not linked; The text contains unusual characters and grammar mistakes.

Next

Correct

Correct!
Your eyes are always open. The second email contains a contradiction between the subject and content and the email address is clearly odd. The text is also full of mistakes.

Wrong answer

Sorry, wrong answer!
This is a phishing email. There are certain elements that should make you suspicious: It offers a gift; The email address and sender's name are odd and/or not linked to each other; The subject and content of the email are not linked; The text contains unusual characters and grammar mistakes.

In the email below there are 5 elements indicating that this is a phishing attempt. Try to find them all!

It offers a prize.

It tries to pressure the recipient (it was sent with high importance and a flag for completion).

The sender's email address and name are odd and/or not connected to each other, as well as the subject and content.

The email features an altered version of a famous e-commerce site's logo.

The woman in the picture appears to be wearing a Christmas outfit but the email was sent in July.

The text is written in strange English, with a lot of mistakes and unusual characters.

Correct

Correct!
You blocked all the enemy's strikes and knocked them out.

As you know, you must be wary of any email that pressures you: Offers a prize, tries to attract you by mentioning very famous brands; Features some elements that are not connected to each other (e.g., sender’s name and e-mail address); Is written in strange English, full of mistakes.

Wrong answer

Sorry, wrong answer!
Here are the elements that should ring alarm bells:

• It offers a prize.
• It tries to pressure the recipient (it was sent with high importance and a flag for completion).
• The sender’s email address and sender name are odd and/or not connected to each other as well as the email subject and content
• The email features an altered version of a famous e-commerce site's logo.
• The text is written in strange English, with a lot of mistakes and unusual characters.

Find the correct answer.
You receive the email below. What do you do?

If I actually logged into my account from that location, I do nothing. Otherwise, I change my password.

I delete the email and report it as phishing. It's a scam!

Correct

Correct!
Real ninjas know how to recognize their friends, and this email is actually from a legitimate sender.

Wrong answer

Sorry, wrong answer!
The email comes from a legitimate sender and is a typical example of a message sent to alert you of a possible unwanted login to your account. The email is therefore not an example of a phishing attempt.

Find the correct answer.
You receive the email below. What do you do?

I click on "Verify here". It’s really no big deal and I could win a big prize!

I delete the email and mark it as phishing.

Correct

Correct!
Clever is your middle name. Nothing gets past you! The email in question is undoubtedly a phishing attempt, trying to convince the victim to provide their personal data by exploiting the tempting idea of being credited with a sum of money.

Wrong answer

Sorry, wrong answer!
The email, claiming to come from an online casino, is clearly a phishing attempt offering to credit a certain amount of money after completing a "data verification procedure". Be careful! Only provide your personal data to people or companies you trust and only through their official channels.