On Tuesday, Google’s Jigsaw unit published a quiz that tests users’ abilities to identify phishing emails. The quiz tests you on a series of emails to see if you can distinguish telltale signs of phishing.
“Phishing is, by far, the most common form of cyberattack,” Jigsaw explains in a blog post. “One percent of emails sent today are phishing attempts.” According to the post, the quiz is based on trainings Jigsaw held with “10,000 journalists, activists, and political leaders.”
In total, there are eight examples that Google tests you on, some representing legitimate emails and others phishing scams. Many of the examples are actually based on real events, such as the massive phishing attempt that hit Google Doc users in 2017 or an email that Russian hackers sent to Hillary Clinton’s campaign manager in 2016.
After each email, Google explains how to tell the signs, often by hovering over URLs to check where they lead and checking the spelling of email addresses. Malicious users often try to send emails that have URLs containing the names of companies like Google or Dropbox, but there will usually be some sort of giveaway that the links point to somewhere more nefarious.
Jigsaw is an experimental incubator project within Google that’s aimed at tackling broad geopolitical problems in the tech space, often through relatively simple microsites and software projects. In the past, the group has produced troll-detecting software, an open-sourced tool to help media organizations provide journalists with VPNs, and AI tools that filter out abusive language.