Test your phishing detective skills

Security software vendor McAfee has created a ten-question quiz to see how well you can spot a phony website. If you’ve been reading my tips here, I expect you to do very well. Let’s find out.

The quiz has some excellent examples of common phishing scams, and it’s a very good primer on how the bad guys operate.

Both Internet Explorer 7 and Firefox 2 have built-in phishing filters. These provide an additional level of protection by checking any site you visit against a list of known malicious web pages.

Depending on which browser you use, make sure the phishing filter is enabled:

Internet Explorer 7: IE 7 asks you during installation if you would like to enable the phishing filter. To double-check, click the Tools menu, then Internet Options, and then the Security tab. With the Internet zone selected, click the “Custom Level” button and scroll down through the settings until you find “Use Phishing Filter.” Make sure it’s set to “Enable.”

Firefox 2: Click the Tools menu, then Options. Click once on “Security” on the top menu bar to highlight it. Then make sure the “Tell me if the site I’m visiting is a suspected forgery” option is checked. Under that, select “Check using a downloaded list of suspected sites.”

Phishing filters are, of course, not a substitute for paying attention, but they can certainly help. Use them to back up your newly-heightened awareness after taking the quiz.

Oh, in case you’re wondering, I got a perfect score on the quiz. Why else would you take my advice?

UPDATE 9/16/07: McAfee has taken down the phishing quiz site referenced above. However, Internet security vendor SonicWALL has an even tougher quiz on their site. Here’s a link.