All the latest UK technology news, reviews and analysis
|
|
|
30 Mar 2005
A new website has been built to educate British online consumers about the dangers of phishing scams.
The Phishing IQ Test has been set up with faux emails from banks and e-commerce vendors, and users are invited to judge whether they are legitimate or not.
A results page reveals the correct answers and gives detailed information on how to identify a phishing attack.
"Whilst we recognise that phishing has been a US-driven phenomenon, we are increasingly seeing UK-focused scams which use a different kind of language, and by which people in the UK are more easily tricked," said Vanessa Wade, managing director of email security vendor MailFrontier which set up the site.
"We developed the test specifically for the UK, as English is still the main language being used by phishers. We hope that this test gives people more confidence when deleting, ignoring or reporting cases of phishing in the UK in future."
Over 300,000 people have viewed the American version of the site since its launch in June last year. A worrying 96 per cent of those people got at least one of the questions wrong.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
A senior C# developer is required by a leading investment...
A senior JAVA developer is required by a leading financial...
A leading investment bank are looking for an AGILE JAVA...
A senior C# WPF F# developer is required by a leading...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Using favourites is not always safe
IMHO the test was a little amateur in that did not allow an option "May be legitimate - further test required". I scored lower than I should have as left the ones I (correctly) thought might be legit as "no answer" (bar one where I erred on the side of caution as the email type was alien to me, so I had no way of verifying that the roll-over address was correct). However, it would be useful for non-technical users to be directed there to see how easy it is to be fooled by phishing emails. How is this site being marketed? Using bookmarks is not always safe as there are some virii that update your bookmark file. It is always safer to type in the website name (I always do this for ebay and paypal, or use the internal links from ebay messages to get to paypal). In addition, there is a hosting file that should be set to read only (can't remember the name off the top of my head) to ensure IP addresses cannot be updated.
Posted by: Mary F 05 Jun 2006
Phishing test could use some changes
First, none of the examples can be legitimate, because I am not addressed by name (There should be a note about this in the instructions). Second: The advice to type the URL into the browser is not the best advice. The address should only be typed once, and then the log in page should be saved in favorites or bookmarked, mand thereafter always accessed from favorites or bookmarks, unless the website owner changes the address, and you can verify that it was changed by the owner of the site.
Posted by: Howard Mirkin 25 May 2006