Google’s internal think tank Jigsaw has released a new phishing quiz designed to test if users can tell the difference between a legitimate and malicious email.
Jigsaw stated in a blog post Tuesday that its test includes “the latest tricks and techniques” used by hackers to target millions of people daily.
“Phishing is, by far, the most common form of cyberattack,” Jigsaw writes. “One percent of emails sent today are phishing attempts.”
The quiz is based in part off of security training sessions Jigsaw says it has given to nearly “10,000 journalists, activists, and political leaders” around the world.
Comprised of eight test emails, the quiz provides examples with everything from links to fake Gmail login pages to messages containing suspicious PDF files.
After guessing whether the email is legitimate or not, users are informed of the correct answer and are shown what signs to look for.
Aside from having a strong and unique password for your email account, Jigsaw notes that enabling two-factor authentication is the best way to protect oneself against malicious actors.
“When you have two-factor authentication enabled, even if an attacker successfully steals your password they won’t be able to access your account,” the company adds.
Jigsaw specifically cites some of the more famous real-world examples of such attacks, including the spear-phishing campaign against John Podesta, Hillary Clinton’s campaign manager, by Russian intelligence services during the 2016 election season.