Phishing Quiz

Banks, your employer, and other valid sources may occasionally ask you for your full name and password in an email.

False. Legitimate entities should never ask you for the following personal information in any email: Your full name Your password Driver's license number Social Security number Credit and debit card numbers Pin numbers or bank account numbers

Clicking on a link in an email is the most reliable way to get to your account.

False. Many phishing emails have links that look valid, but send you to fraudulent sites instead. Here's what you should do: Open a new browser window, type the URL for the site you're seeking and log in to your account directly.

You can be sure that an email is valid based on the sender's email address.

False. You may be tempted, but don't trust an email address. It's pretty easy to alter and is not an indication of whether the email is real or not.

Legitimate email correspondence from companies or employers will never contain sensitive attachments or software.

True. Legitimate entities should never email you a sensitive attachment or software update to install on your computer. Never install attached software or even open an attached file. It's not safe - it could be spyware or a virus.

Phishing is a form of fraud designed specifically to steal your identity.

True. Usually, a phishing email will have a fake story that's designed to lure you into clicking a link or button in the email or calling a phone number. The sender is trying to steal your identity by tricking you into revealing your password or other personal information.