Think you can spot a hacker's phishing email? Take Google's quiz and find out

  • Google and its sister company, Jigsaw, made a quiz that you can use to test your ability to spot phishing emails designed to gain access to your personal information.
  • The quiz shows you eight fishy email templates to see whether you can tell the legitimate emails apart from those intended to steal your data.
  • The average user receives 16 malicious emails a month, so it’s more important than ever to be aware of what to look out for when sorting through your inbox.

Phishing emails aren’t always as obvious as Nigerian princes asking for money.

Hackers have advanced in their practices, and it’s become a lot harder to tell whether that suspicious-looking email is legit. In fact, more than 75% of organisations surveyed in an annual cybersecurity report from Wombat Security said they had experienced phishing attacks in 2017.

This is why Google and Jigsaw – a security-focused tech incubator owned by Alphabet, Google’s parent company – teamed up to create a quiz that measures your ability to determine which emails seem to be phishing attempts. The eight-question quiz takes you through various email examples and asks you to decide whether the emails are designed to gain access to your passwords and sensitive information.

The examples in the quiz are inspired by real phishing emails, Google said. This includes a phishing attempt in May 2017 from hackers that sent emails with fake Google Doc links.

Here’s how the quiz works.


Before getting started, you’ll be asked for a name and email to use for the quiz. Don’t worry — they can be fake or decoy inputs, since they’re used only to create the email templates for the quiz.


The quiz has eight questions, each with a different email setup based on real-life phishing emails. It’s up to you to decide whether each email is a phishing attempt or a legitimate message.


It’s possible to determine the legitimacy of each email by digging around in its contents a bit first. Hovering over any link in the email will bring up the button’s URL, which you can use to determine if the email is the real deal.

The email in the quiz isn’t real, so clicking on a link in the body won’t bring you anywhere. But remember that doing so on a real phishing email would give hackers access to your information.


You can also open up the header in the sample email to explore more details about the message and its sender. In doing so, you can see more clearly if the sender is someone you know, and if the sender’s email is one you recognise.


After you make your guess about each email’s legitimacy, the quiz will walk you through the steps you can take to check out an email’s details and better determine whether it’s a scam or not.


But that’s only the first email sample of the eight in Google’s quiz. The second question tests your aptitude for spotting lookalike URLs that could trick you into clicking.


This one makes you pay special attention to the identity of the sender and encourages you to double-check the bogus-looking Google Drive link.


This email mirrors messages people may get from online storage sites, such as Dropbox.


This template tests your trust of suspicious-looking PDFs, which can often include malware or viruses. Google suggests opening files first in an online service, like Google Drive, to ensure you don’t download a virus directly to your computer.


Google said this email looks almost identical to a phishing attack used to successfully hack politicians’ emails.


An email similar to this was used to target think tanks and politicians. This email shows that suspicious links can be hidden within real-looking URLs.


This email sample reminds you to be cautious when deciding whether to grant account access to developers. Emails like this from Google are common, but it’s important to make sure you check the domain details to ensure it’s actually from Google.


No matter how well you do on the quiz, you can use the phishing examples to look out for sketchy-looking messages in the future.

You can take the quiz for yourself to see if you can spot when you’re being phished.

Business Insider Emails & Alerts

Site highlights each day to your inbox.

Follow Business Insider Australia on Facebook, Twitter, LinkedIn, and Instagram.