Back to Guides

Phishing Prevention

15 min readBeginner to IntermediateLast updated: May 2023

Email Phishing Detection

Phishing emails are fraudulent messages designed to trick you into revealing sensitive information or installing malware. They often appear to come from trusted sources like banks, colleagues, or well-known companies.

In this Level 1 quest, you'll learn to identify the telltale signs of phishing emails and test your knowledge with real-world examples.

Common Phishing Red Flags

  • Suspicious Sender Address

    Domains that mimic legitimate companies but with slight variations

  • Urgency or Threats

    Creating pressure to act quickly without thinking

  • Suspicious Links or Attachments

    Prompting you to click links or open files that may contain malware

  • Poor Grammar or Formatting

    Unprofessional writing or inconsistent branding

  • Requests for Sensitive Information

    Asking for passwords, account numbers, or personal details

Phishing Detection Challenge

Spot the Phishing Elements
Review each email and identify the elements that indicate it's a phishing attempt. Select all that apply.
1 of 5 emails

From: security@bankofamerica-secure.net

Subject: URGENT: Your Bank of America Account Has Been Compromised

Today, 10:23 AM

Dear Valued Customer, We have detected suspicious activity on your Bank of America account. Your account has been temporarily limited until you verify your information. Please click the link below to verify your identity and restore full access to your account: VERIFY ACCOUNT NOW If you do not verify your account within 24 hours, your account will be suspended permanently. Bank of America Customer Service Team This is an automated message, please do not reply.

What makes this a phishing email? (Select all that apply)

Navigate through all emails and submit when you're ready
Quest Progress
Level 1 Completion0%
Phishing Quiz
Incomplete
Points Earned
0

Score at least 70% on the quiz to complete Level 1

Quick Tips

Verify the sender

Check the full email address, not just the display name.

Hover before clicking

Hover over links to see the actual URL before clicking.

Be skeptical of urgency

Legitimate organizations rarely create extreme urgency via email.