Recognizing suspicious emails designed to steal your passwords or trick you into installing malware is probably the most important cybersecurity skill you can learn.
People fall for phishing emails every day. In fact, phishing was involved in 70 percent of breaches last year, according to the Verizon Data Breach Investigations Report. And despite efforts to spread awareness, phishing is still successful. Nearly 11 percent of people who receive phishing emails fall for them, according to internet security company Cofense.
Alphabet subsidiary Jigsaw has just launched a quiz that aims to teach people how to spot phishing emails.
This quiz has eight potentially malicious email samples, all inspired by real phishing emails that Google sees in the wild.
There are even examples inspired by the emails that tricked Hillary Clinton's campaign manager and veteran Republican politician Colin Powell into giving their passwords to Russian hackers.
As an experienced cybersecurity reporter, I'd like to believe that my level of paranoia is quite high, and so I should be smart enough to spot phishing emails. But even I wasn't perfect: I identified seven out of eight emails correctly.
For people who are not as trained or as used to being wary as I am, this quiz is an excellent opportunity to learn. After each answer, the quiz explains which signs you should look for to tell whether the email is legitimate or malicious.
And kudos to Jigsaw for including an example inspired by a Google snafu, in which the company sent confusing Gmail security warnings that looked like phishing attempts, as well as one inspired by the large Google Docs phishing worm that hit about one million users.