topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 4:02 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Poll

Did you get a perfect score on all 3 quizzes?

Perfect score on the spyware quiz.
Perfect score on the spam quiz.
Perfect score on the phishing quiz.
I failed all 3.

Author Topic: How good are you at spotting spyware, spam & phishing traps?  (Read 11981 times)

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,884
    • View Profile
    • Donate to Member
How good are you at spotting spyware, spam & phishing traps?
« on: November 21, 2007, 06:18 AM »
Mcafee has 2 little quizzes to test your abilities to spot websites with unsafe downloads and those that will share your email address with spammers.

These quizzes are based on real sites.

Using whatever methods you normally use, take the 2 quizzes and see how good you really are at protecting yourself.

Spyware Quiz (average score: 59%)

Spam Quiz (average score: 55%)

And there is one additional phishing quiz, similar in nature to the 2 by McAfee, using real emails samples, but the links are disabled and you can't hover to see the real target.

Phishing Quiz



spyware.jpg spam.jpg phishing.jpg

Eóin

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,401
    • View Profile
    • Donate to Member
Re: How good are you at spotting spyware, spam & phishing traps?
« Reply #1 on: November 21, 2007, 06:50 AM »
6 out of 8 on the spyware quiz. But I didn't realise I was supposed to go off and research, my answers were based solely on the screenshots (and some existing knowledge) :D


app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,884
    • View Profile
    • Donate to Member
Re: How good are you at spotting spyware, spam & phishing traps?
« Reply #2 on: November 21, 2007, 06:53 AM »
That was how I did it too, 7 out of 8 on the spyware one.

PhilB66

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,522
    • View Profile
    • Donate to Member
Re: How good are you at spotting spyware, spam & phishing traps?
« Reply #3 on: November 21, 2007, 07:35 AM »
6 oot of 8 on the spyware test by just looking at the screenshots.

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: How good are you at spotting spyware, spam & phishing traps?
« Reply #4 on: November 21, 2007, 07:41 AM »
Hm, you were supposed to research? I did the same as Eóin, first impressions + previous knowledge. Didn't visit the sites, only looked at the screenshots.

I had 7/8 on the spyware quiz, Tightrope Walker I am :)

FAILURES:
Spoiler
I did wrong on the anysonglyrics.com vs. azlyrics.com test, which I sort of expected - it's a bit of a trick question because one of the sites has a "firefox prevented popup window", which obviously makes you go into alert mode. Also, anysonglyrics.com has a "contact" link, which does give a bit of confidence imho.


When judging a site by first looks, I generally look for the following:

Things to be wary of: ringtone advertisements, casino advertisements, "tell all your friends" links, "competitions" of various sorts, "your email address" "login" boxes, smiley/cursor/etc packs, pharmacy/drugs stuff.

Things that inspire confidence: contact links, forums, in some cases login/registration (but other times it screams bloody murder at you).

I failed pretty miserably at the Spam Quiz - 4 of 8. But again, that was based on first impressions, in a real life situation I'd either use a fake/spam email address for that kind of site, or I would do proper research.

FAILURES:
Spoiler
Failed on bullseyesgames.com vs. miniclip.com: I would have voted for miniclip because of site design, but I guess it was the ringtones ad of miniclip that threw me off. But of course, why would bullseyegames require login to play games?

Failed on funnyreign.com vs. superlaugh.com: the "JOIN for FREE" email boxes are very suspicious to me. But the "free greeting cards" and "We are now on MYSPACE" at funnyreign didn't seem kosher to me either - I wouldn't have left my email address at either site.

Failed on creditcardmenu.com vs. wiredplasticvisa.com: again, would never have used either (I visit my physical bank for money related matters), but the "retail locations" of wiredplasticvisa seemed like a plus.

Failed on petitionspot.com vs. thepetitionsite.com: thepetitionsite had something looking like a referer ID in the URL bar, I'm very wary of those. Should've looked closer at petitinspot.com, the money stuff and gmail address (instead of using their own domain) is fishy.

- carpe noctem

Lashiec

  • Member
  • Joined in 2006
  • **
  • Posts: 2,374
    • View Profile
    • Donate to Member
Re: How good are you at spotting spyware, spam & phishing traps?
« Reply #5 on: November 21, 2007, 05:13 PM »
8/8 on the first one. P2P software and lyrics sites were the easiest, because I was familiar with all the options, except the "bad" lyrics one.

5/8 on the second, the last one was EASY, it tried to flood me with popups. Guess spamming sites are difficult to distinguish. That's why I avoid giving the email so easily.

And a 100% on the third one. Happy! ;D. I quickly remembered the golden rule: If they provide a link to enter your personal information, then it's a scam for sure. The last one was hilarious: "Please take several minutes out of your online experience(...)". Several minutes... LOL

Darwin

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 6,984
    • View Profile
    • Donate to Member
Re: How good are you at spotting spyware, spam & phishing traps?
« Reply #6 on: November 21, 2007, 05:36 PM »
7/8
3/8
10/10

Bring on the spam!

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,884
    • View Profile
    • Donate to Member
Re: How good are you at spotting spyware, spam & phishing traps?
« Reply #7 on: November 22, 2007, 06:35 PM »
You are not 'supposed' to research. You are supposed to do what it is that you normally would do. Googling for info on a site and their spamming history, reading privacy policies, looking for specific types of ads, etc...if that is what you normally would do.

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: How good are you at spotting spyware, spam & phishing traps?
« Reply #8 on: November 22, 2007, 09:03 PM »
You are not 'supposed' to research. You are supposed to do what it is that you normally would do. Googling for info on a site and their spamming history, reading privacy policies, looking for specific types of ads, etc...if that is what you normally would do.
That's what I would call research - I thought you were supposed to judge the sites just based on those thumbnails :)
- carpe noctem

scancode

  • Honorary Member
  • Joined in 2007
  • **
  • Posts: 641
  • I will eat Cody someday.
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: How good are you at spotting spyware, spam & phishing traps?
« Reply #9 on: November 22, 2007, 09:26 PM »
SiteAdvisor Spyware Quiz / I GOT 6 OF 8 QUESTIONS CORRECT
SiteAdvisor Spam Quiz / I GOT 7 OF 8 QUESTIONS CORRECT
The other Quiz You got 9 out of 10 correct, or 90 %  [DAMN! Hotmail got me!]

lanux128

  • Global Moderator
  • Joined in 2005
  • *****
  • Posts: 6,277
    • View Profile
    • Donate to Member
Re: How good are you at spotting spyware, spam & phishing traps?
« Reply #10 on: November 22, 2007, 11:10 PM »
i use Firefox with NoScript add-on so the 1st two sites were out of question as they are disabled by NoScript. i'm not allowing access to some McAfee websites.. :) so i did only the 3rd quiz for which i got 80% (failing the hotmail & us bank emails)..

now i'm going to put all three links in an email & send to everyone in my address-book..  :P

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 9,747
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: How good are you at spotting spyware, spam & phishing traps?
« Reply #11 on: November 24, 2007, 06:25 PM »
Is getting something besides a perfect score a failure?

First of all, I'd not visit any of those sites or leave any personally identifying information. It's not a good indicator of our ability to avoid spyware/adware/spam/phishing if we don't have all the tools we normally have. For instance, looking at where the links actually go. Or for instance, the fact that I don't have a PayPal account or something along those lines.

It's kind of like asking me if a wooden block is painted black or white, but I can't look. There's a 50% chance I'll be right, but without using my eyes, which are the best way to find out the answer, it's mostly just a guess.

In the adware/spyware/spam tests, All of those sites are high alert sites where you'd never want to submit any personal information.

In the phishing test, you'd have to rely mostly on looking where the links take you and whether or not the e-mail you're getting makes any sense to your current situation.

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,288
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: How good are you at spotting spyware, spam & phishing traps?
« Reply #12 on: November 24, 2007, 08:44 PM »
Honestly, I think these kinds of things are purely scams.

"Hey! Take this test to find out that you suck and that you need to buy our products!"

It's pure scareware.

These things need context, which was missing from the screenshots. No - you need to hover to see the links to know if it's a legitimate link. No - you need to read the EULA for software. It's a craps shoot. Sure, we can detect a lot of scams at a glance but we're certain to fail at some point if the scammers are doing their jobs well, which they should be doing!

The tests are just rigged.

It's this kind of thing that undermines my faith in security software and the security industry in general. They prey on fear rather than reality.

I for one would like some honesty for a change. Am I asking too much?
Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 9,747
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: How good are you at spotting spyware, spam & phishing traps?
« Reply #13 on: November 24, 2007, 08:48 PM »
I for one would like some honesty for a change. Am I asking too much?

Honestly? Yes, most likely.

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,884
    • View Profile
    • Donate to Member
Re: How good are you at spotting spyware, spam & phishing traps?
« Reply #14 on: November 25, 2007, 02:13 AM »
I don't know about anybody else, but when taking these tests, I looked at the sites & emails with suspicion, taking my time, thinking they were all evil until 'proven' good.

Is this how I normally approach things? Do I always read the privacy policy before handing over my email address? No. Most of the time I don't even know if the site even has one. (maybe I should, but I don't)

Rather than trying to find some holy grail for eliminating spam, maybe we should start treating any site that wants our email address a bit more suspiciously, and at least read their privacy policy. (not that I am currently throwing my email address mindlessly all over the web, mind you)

Honestly, I think these kinds of things are purely scams.

"Hey! Take this test to find out that you suck and that you need to buy our products!"

It's pure scareware.

Bottom line, it doesn't matter what security software you buy and use, you can still be fooled into trusting when you shouldn't. Don't let your guard down. Don't let any software give you a false sense of security and think that since you run it you are allowed to be stupid.

I have always said that Common Sense™ is the best antivirus, best antispyware, best antispam...anything else is a backup for when/if that fails. And upgrades are available daily, meaning your defenses improve with experience.

If nothing else, consider whatever you got from these quizzes as a minor upgrade to your Common Sense™, even if all it was, was just a tiny bugfix that leads you to be a bit more careful than you were before.

It's this kind of thing that undermines my faith in security software and the security industry in general. They prey on fear rather than reality.

I for one would like some honesty for a change. Am I asking too much?

It is asking too much.

Who do you want it from, any way? The spammers? the phishers? the spyware makers? They are not about to be honest with anybody, and we really do need to sharpen our noses more every day to stay on top of things and not get fooled.

Now if you want honesty from the anti-nasty industry, you will only get it partially from any of the 'reputable' companies. They still need you to want to use their product, and any notion that their product is unnecessary doesn't translate into being able to stay in business for long.

A popup when your firewall blocks something inbound...the only purpose is to scare you into thinking that you better never get rid of your firewall...it's 'evidence' that it is actually doing something. It could just as easily block and log without bugging you. (personally, I wish it were possible for that 'blocked inbound' popup to be replaced with a popup for when it fails to block something inbound/outbound that it should have been able to block. That would be more useful.)

Up until Blaster hit, the majority of PC users didn't even know what a firewall was. Now we all not only know what one is, we also all know we need one.

Which is better? That people should wait until they have a disaster to understand the need for security? Or some anti-nasty's scare tactics get the message through their heads before a disaster happens?

To anyone here that has a life insurance policy...did you buy it because you think you are going to die tomorrow? or because you think it is possible that you might? If you were to die, when the insurance company hands your family the check, is it going to matter to them which one you thought? or will they just be glad you had the sense to buy some insurance and that they can afford to put you in the ground?

Security software is an insurance policy, and the tactics used to sell it is much the same as selling life insurance. You will never hear a sales pitch from an insurance company that says 'Humans die, would you like some life insurance?'

They will more likely try to scare you by telling you how great the possibility is that you will die long before you get old, and it will happen when you least expect it, and if you don't prepare now, your poor family will suffer when you are gone.

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,288
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: How good are you at spotting spyware, spam & phishing traps?
« Reply #15 on: November 25, 2007, 02:27 PM »
Yes - a form of insurance. True.

I have anti-virus software running on this machine. Paid for too. Not a free version. That's because I sell software and I figure that it's the responsible thing to do. I can't risk anyone else's well being due to my own negligence.

Incidentally, every single virus alert I've had has been a false positive.

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker