Computer Security Training

Watch the following video and answer the question

Who are the 5 Internet's Most Wanted?

You receive a chain email that tells you to pass it on to 10 of your closest friends. Do you:

Send the email to your friends - it's cool and you want them to see it too!

Delete the email. You're never sure what viruses these types of chain emails can have.

What is "Phishing"?

A type of computer virus that encrypts all of your information an asks you to send money to decrypt it

A spyware attack common among small businesses

A fraudulent e-mail designed to trick you into sharing personal information

An e-mail that contains advertising that is attempting to sell you something

You are shopping online at http://superstore.com and you come to the payment page which is http://superstore.com/checkout. You should feel safe putting your credit card information into this page.

True

False

You receive an email from your bank informing you that it suspects an unauthorized transaction on your account. To protect your account, the email advises you to click on a link to verify your identity. Should you do so?

No way, the whole thing sounds fishy! If you're concerned about your account, contact your bank directly using a phone number or web address you know is genuine.

Yes. If someone is using your bank account, you don't have a second to lose. Immediately click on the link to verify your identity.

Yes, but first you should make sure the message looks legitimate.

You're surfing the web when you see a pop-up message from your Internet Service Provider saying that it needs you to click on a link to verify or update your account information. Should you comply?

It sounds like a reasonable request, so click on the link to see what type of information they need from you, and follow the instructions.

Just say no. Legitimate companies never ask for this information via pop-up ads or email.

Reply immediately. If you don't cooperate, you could run the risk of losing all your email messages, and possible even being permanently disconnected from the Internet.

Despite all your precautions, let's say you suspect that you've been "phished" and provided personal or financial information to someone masquerading as your bank, online payment service, someone at your company, government agency, etc. What should you do? (Check all that apply)

Not to worry. Because you gave your information in good faith, there's no way doing so could cause any harm.

File a complaint at ftc.gov

Contact your bank, credit card companies to alert them to the situation and place a fraud alert on your credit to prevent unauthorized access.

Visit the FTC's Identity Theft website for more information www.consumer.gov/idtheft

Wait until something happens before protecting yourself. It is possible that your information never actually reached the person who was doing the phishing attack.

Your company's network administrator sends you an email warning of a security breach and asking you to confirm your password by entering it into a secure website. What should you do?

Don't share your password or any other personal information. Report the incident by calling your IT office, or by email them at an address you know to be genuine.

Don't enter your password on the website. Instead, send your reply by email to the sender.

Immediately enter your password on the website. You can always trust emails from your own organization.

There are several ways to avoid getting hooked by a phishing scam, including reviewing credit card and bank account statements as soon as you receive them and checking your credit at least yearly. How can this help you avoid being scammed?

It's a quick way to make sure you're solvent. If you have money in the bank, or credit, you're still a player!

By reviewing your statements for unauthorized changes, you can know quickly whether someone has started using your account. If this happens, you can alert authorities and stop the problem before more damage occurs.

It's not that it helps directly, but it will give you something to do while waiting to see if the scammers have drained your account.

Which of the following is NOT a type of Phishing attack?

Smishing (SMS Phishing) - Utilizes SMS Text Messages with a web link and/or a phone number to call that will be used to attempt to get personal information from you.

Spear Phishing - A targeted attack that uses personal information about the target to increase probability of success.

Ice Phishing - An attack that causes your computer to freeze if when you click on a link or open an attachment

Whaling - An attack directed at senior executives an other high profile targets within businesses where the email message is formatted in a very official way to attempt to gain access to the corporate systems or get information about the individual or company.

Clone Phishing - Form of attack where a previously delivered email is cloned and either has the links changed to malicious sites or has a virus/spyware installed into the message which is then re-transmitted and made to look like a reply or forward.

You receive a call from Microsoft saying your computer has a virus and they can fix it for you (for a cost). What suggests this is a telemarketing scam?

They persist no matter what you say

You did not report a problem with your computer

Microsoft would not phone individual users

All of the above

When a person receives a threatening call or message from the Internal Revenue Service telling them to pay taxes due now or face court charges, jail, or worse, what is most important for them to remember?

IRS would never do that

Tax assessments are sent by mail

All of the above

Which of the following is NOT a good practice when choosing a password?

Use a long, unique sentence (passphrase), I.e. "I eat fried buckeyes for breakfast"

Re-use the same password I've already used elsewhere

Use a lengthy combination of upper and lower case letters, numbers, and symbols, I.e. "18oaiuga$#sk9%FJIi59"

Use a utility like Password SafeTM to randomly generate and manage your password.

None of the above. All are good and secure practices.

It is perfectly safe to use encrypted USB Flash Drive to deliver files. Since the data stored on the drive is encrypted and can only be accessed by someone with the correct password the data is trusted and safe. There is no risk of spreading viruses and spyware using encrypted flash drives

True

False

You receive an email from the President of your company asking you for the company's bank routing number and account number. You check the sender's email address and it looks correct. You read through the email and it looks like the President sent the email, it even has the company's email signature and disclaimer at the bottom. The email message is legitimate and you should reply with the information requested.

True

False

Educating people on how to properly identify and deal with phishing emails is 10 times more effective in preventing the loss of personal and/or financial information than security filtering software alone.

True

False

Unlock and Upgrade

Remove all limits from your Quizzes

Computer Security Training

More Quizzes