Home / Phishing Attacks / Phishing / Phishing Quiz / Results

Phishing - Quiz Results

Email 1 - eBay Account Verification

Fake: Although the link on this email says ebay.com, it in fact points to an IP address, which was a spoofed web site.

Email 2. Washington Mutual Alerting Service

Fake: The link on this site points to a URL that at first glance could be mistaken for the Washington Mutual web site, however if you look closer the site it is actually directing you to is: http://www.personal--wamu.com:6180/logon/.

Email 3. Wamu - Important Security Announcement

Fake: The first thing to arouse suspicion with this email is the poor use of English in the email. Secondly, the link again looks as though it is to a real url - https://internetbanking.wamu.com/index.html - however, the actual link goes to an IP address, which was a spoof site.

Email 4. Citibank Account Data

Fake: This site also uses a URL (having https://) that looks similar to an actual Citibank URL. You can read more about URL obfuscation attacks here

Email 5. eBay User Agreement

Fake: This is a more complex URL obfuscation attack, and at first glance appears to be a genuine eBay email. However, close inspection reveals that this again sends the user to an IP address, rather than the genuine eBay web site.

Email 6. eBay Account Suspension

Fake: Again, this phishing email points to an IP address which was home to a spoofed web site, rahter than the actual eBay login area.

Email 7. Regions Account Verification

Fake: This time Regions are victims of a URL obfuscation attack. The link looks genuine at first glance, but it is actually pointing to an IP address.

Email 8. eBay Request

Fake: Rather than use an IP address, this email simply uses a completely different web site address. Very obvious if you check the address bar - but how often do you just trust the link you click?

Email 9. Paypal Account Update

Fake: The header and footer links on this email all link directly to the Paypal web site. However, the update link and email addresses go to a different URL. These scammers try and get your trust with the header, and hope enough people are tricked into clicking the wrong link, so there details can be gained.