All the latest UK technology news, reviews and analysis
|
|
|
30 Mar 2005
A new website has been built to educate British online consumers about the dangers of phishing scams.
The Phishing IQ Test has been set up with faux emails from banks and e-commerce vendors, and users are invited to judge whether they are legitimate or not.
A results page reveals the correct answers and gives detailed information on how to identify a phishing attack.
"Whilst we recognise that phishing has been a US-driven phenomenon, we are increasingly seeing UK-focused scams which use a different kind of language, and by which people in the UK are more easily tricked," said Vanessa Wade, managing director of email security vendor MailFrontier which set up the site.
"We developed the test specifically for the UK, as English is still the main language being used by phishers. We hope that this test gives people more confidence when deleting, ignoring or reporting cases of phishing in the UK in future."
Over 300,000 people have viewed the American version of the site since its launch in June last year. A worrying 96 per cent of those people got at least one of the questions wrong.
Latest stories from Security
Related articles
Related jobs
Poll
What will be the biggest change to corporate technology in the future?
TFL director of Games transport Mark Evers discusses how the public transport network is preparing for this summer's event
Connect with V3.co.uk
The wrong printers, for the wrong tasks on the wrong contracts
Who leads the BI pack and who should we be watching out for?
Recruitment Consultants – IT (City of London - £20-£30k...
C++, SQL, Windows My Client is a prestigious technology...
Java Developer, Java Agile Developer Java, Agile...
Customer Insight Analyst- SAS/ SQL/ SPSS Key Words...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Using favourites is not always safe
IMHO the test was a little amateur in that did not allow an option "May be legitimate - further test required". I scored lower than I should have as left the ones I (correctly) thought might be legit as "no answer" (bar one where I erred on the side of caution as the email type was alien to me, so I had no way of verifying that the roll-over address was correct). However, it would be useful for non-technical users to be directed there to see how easy it is to be fooled by phishing emails. How is this site being marketed? Using bookmarks is not always safe as there are some virii that update your bookmark file. It is always safer to type in the website name (I always do this for ebay and paypal, or use the internal links from ebay messages to get to paypal). In addition, there is a hosting file that should be set to read only (can't remember the name off the top of my head) to ensure IP addresses cannot be updated.
Posted by: Mary F 05 Jun 2006
Phishing test could use some changes
First, none of the examples can be legitimate, because I am not addressed by name (There should be a note about this in the instructions). Second: The advice to type the URL into the browser is not the best advice. The address should only be typed once, and then the log in page should be saved in favorites or bookmarked, mand thereafter always accessed from favorites or bookmarks, unless the website owner changes the address, and you can verify that it was changed by the owner of the site.
Posted by: Howard Mirkin 25 May 2006