🔥 Welcome to the Phishing Awareness Quiz – Level 3: Red Team Edition!
This expert-level quiz simulates real-world attack scenarios that only the most vigilant can spot. Each question is designed to challenge even seasoned professionals. Achieve a 95%+ score to earn your elite certificate and prove your mastery.
🏆 Curious who’s topping the charts?
👉 View the Leaderboard
1️⃣ You receive a perfectly crafted invoice email from a known supplier. The sender domain matches exactly, SPF and DKIM pass. What is the most likely explanation?
2️⃣ Which technique most effectively bypasses 2FA protections when credentials are phished?
3️⃣ An attacker registers the domain “apple.support” and gets a valid SSL cert. What makes this particularly dangerous?
4️⃣ You suspect a phishing site is using Punycode in its domain. Which of these domains is an example of that?
5️⃣ Which tactic is commonly used in Business Email Compromise (BEC) but less so in generic phishing?
6️⃣ What advanced technique involves registering expired domains of legitimate vendors to continue receiving emails?
7️⃣ A phishing email contains no links but asks you to call a “secure helpline.” What is this called?
8️⃣ You see an email with an apparently correct sender, no SPF failures, no DKIM failures, but suspicious content. What is your next step?
9️⃣ Which file type is most commonly used to deliver malicious payloads in phishing campaigns targeting enterprise environments?
🔟 You click a phishing link and land on a cloned login page. What subtle detail might expose it?
