Question 1: Email Sender
You receive an email from "security@paypa1.com" asking you to verify your account details. The email looks professional but has several spelling errors. What should you do?
Click the link and verify your details
Reply to the email asking for more information
Delete the email and visit PayPal directly
Forward it to friends to warn them
Correct Answer: Delete the email and visit PayPal directly. The domain "paypa1.com" is a common phishing tactic, and legitimate companies rarely ask for verification via email links.
Question 2: Urgent Action
An email from your "bank" says your account will be suspended in 24 hours unless you click a link to update your information. The email creates a sense of urgency. Is this likely legitimate?
Yes, banks often send urgent security notices
No, this is a common phishing tactic
Maybe, I should call the number in the email
It depends on the bank
Correct Answer: No, this is a common phishing tactic. Legitimate financial institutions don't suspend accounts with such short notice and rarely ask for sensitive information via email.
Question 3: Attachment Safety
You receive an email with an invoice attachment from an unknown sender. The file has a .exe extension. What should you do?
Open it to see what it is
Delete it immediately without opening
Scan it with antivirus first
Forward it to IT department
Correct Answer: Delete it immediately. .exe files from unknown senders are almost always malicious and can install malware on your computer.
Question 4: Website Verification
You click a link in an email and it takes you to a login page that looks identical to your bank's website. How can you verify it's legitimate?
Check if the images look correct
Verify the URL in the address bar
See if there are spelling errors
Look for the padlock icon
Correct Answer: Verify the URL in the address bar. Phishing sites often use domains that look similar to legitimate ones (like "bankofarnerica.com" instead of "bankofamerica.com").
Question 5: Personal Information
A company you've never heard of emails you a prize notification asking for your Social Security number to process winnings. What should you do?
Provide the information to claim your prize
Ask for more details about the company
Ignore and delete the email
Report it to the company they're impersonating
Correct Answer: Ignore and delete the email. Legitimate prize notifications don't require sensitive personal information upfront, and your SSN should never be shared via email.