Intel research: Users massively fooled by phishing mails – 80% fails test

vbimport

#1

We’ve just posted the following news: Intel research: Users massively fooled by phishing mails – 80% fails test[newsimage]http://static.myce.com//images_posts/2015/05/PhishingSurveyInfographic_FINAL-13Apr2015-785x1024-95x75.jpg[/newsimage]

Research from Intel reveals that it’s still hard for internet users to recognize phishing emails.

            Read the full article here: [http://www.myce.com/news/intel-research-users-massively-fooled-by-phishing-mails-80-fails-test-76055/](http://www.myce.com/news/intel-research-users-massively-fooled-by-phishing-mails-80-fails-test-76055/)

            Please note that the reactions from the complete site will be synched below.

#2

Someone’s not good at math. If only 3% percent of all respondents got all 10 questions right then 97% of people were fooled by at least one question.


#3

Guess common sense went out with the bathtub and sink… :rolleyes:


#4

I just took the test and only got 50%. On most of the e-mails, I could only see a tiny portion of the e-mails, which I suspect is part of the reason I failed. Still, I thought I was at least smart enough to get better results than that.

Of course, in the real world, you probably won’t be looking though someone else’s e-mail. Instead, you be looking though your own, which means you’ll know what e-mails are bad based on whether or not you were expecting said e-mails.


#5

I got 80% correct.
The two I missed I would question based on the information given .
If I think I’m getting a phishing email I usually take a look at it with properties .
If it’s not from a designated sender address that’s usually a red flag.


#6

I call bogus on Intel’s online quiz. It’s not an attempt to determine if people are good at spotting fishing attempts, but rather a marketing tool to convince people that they are not good at it and must rely on McAfee (owned by Intel) to protect themselves.

For some example emails only a small fraction of the email is shown, and if you can’t see the sender or the receiver or see links in the email, then it’s not possible to determine if something is phishing or not.

The only way to get all questions right is to be a good guesser.

[QUOTE=TSJnachos117;2754041]On most of the e-mails, I could only see a tiny portion of the e-mails, which I suspect is part of the reason I failed.[/QUOTE] It’s one of two reasons you cannot determine (except by guessing) if those emails are phishing.

Of course, in the real world, you probably won’t be looking though someone else’s e-mail. Instead, you be looking though your own, which means you’ll know what e-mails are bad based on whether or not you were expecting said e-mails.
And that’s the other reason why it’s not possible to determine whether some of those emails are phishing or not.


#7

For my own part I’ve never been fooled by a phishing email, and it only once took me more than one second (literally) to be sure if an email was phishing or not. That single example was really clever and it took me about five seconds to be 100% sure it was phishing after initially thinking it probably was a scam.

Context is essential to determine what is phishing, what is spam, and what is legit email!


#8

[QUOTE=DrageMester;2754048]I call bogus on Intel’s online quiz. It’s not an attempt to determine if people are good at spotting fishing attempts, but rather a marketing tool to convince people that they are not good at it and must rely on McAfee (owned by Intel) to protect themselves.

For some example emails only a small fraction of the email is shown, and if you can’t see the sender or the receiver or see links in the email, then it’s not possible to determine if something is phishing or not.

The only way to get all questions right is to be a good guesser.

It’s one of two reasons you cannot determine (except by guessing) if those emails are phishing.

And that’s the other reason why it’s not possible to determine whether some of those emails are phishing or not.[/QUOTE]

Oh good comments, I thought it was just me, although I got one wrong that was real an I was caught by the American airlines one because I have never used them before and the only clue was the extra aa in the web address. I have never been caught by any fake emails, even if they look doubtful I just bin them. If I don’t know what it is, it goes bye bye.
What’s annoying is the “cover” names companies use. I may buy something unknowingly from a subsidiary of a larger company and the confirmation e mail comes from the main business. That’s confusing. I must have dumped a few of those.
one of he main things is to never open attachments.

Be careful Guys, It’s getting worse and the spoofers more clever every day.


#9

It takes me longer than a few seconds to spot a phishing email.
Sometimes.
I don’t even open one I’m suspicious of.
I right click on it. Select Properties > Details tab > Message Source.
About 3 lines down it will show if the email is from a “permitted sender” or not.
If it is not from a “permited sender” that’s a definite red flag.
Then a lot will be encrypted but look for some text.
It may have the whole message body of the email as readable text.
That is usally a good sign it is OK.
But if you see it ask you to print something in the text a major red flag.
Anyway that’s one way I check if not sure.
None of that is possible with the test.