Phishing methods: email, SMS, and voice

What this quiz covers

Phishing isn’t just suspicious emails—smishing texts and vishing calls use urgency, authority, and fake verification steps to push risky actions. These questions focus on how attackers craft messages, what clues reveal them, and what a safe response looks like.

Each question has 4 options and there’s no timer, so you can slow down and reason through details like sender identity, links, attachments, and social engineering cues.

Skills you’ll practice

You’ll practice distinguishing legitimate notifications from spoofed ones, identifying pretexting and urgency traps, and choosing the best next action (verify via trusted channels, report, or ignore). The quiz also reinforces how attackers pivot between channels—email to SMS, SMS to phone calls—to increase credibility.

Common pitfalls to avoid

Many people over-trust familiar brands, panic at “account locked” warnings, or assume a local phone number means legitimacy. Another frequent mistake is focusing only on spelling errors while missing stronger signals like mismatched domains, unusual payment methods, or requests for one-time codes.

Difficulty and question settings

Difficulty is mixed: easier items cover obvious red flags, while harder ones test subtle impersonation, multi-step scams, and realistic message wording. You can choose your preferred question count and difficulty before starting to tailor the session for quick practice or deeper review.

Quick tips for better scores

• Check the sender domain/number and compare it to official contact info
• Treat urgent requests for passwords, OTPs, or remote access as high-risk
• Hover or inspect links (where possible) and watch for lookalike domains
• Verify through a separate trusted channel, not by replying to the message
• Be cautious with attachments, QR codes, and “secure document” prompts
• When unsure, report and delete rather than “testing” the link