Technology @beehaw.org Peaces @infosec.pub 1 yr. ago

Are you smarter than a scammer? Take this quiz.

wapo.st Are you smarter than a scammer? Play this game.

Scams are everywhere, and scammers are relentless. Think you know how to best avoid falling for a scam? Take our quiz and find out.

Take this quiz to find out if you can spot what’s real and what’s fake

WP gift link expires in 14 days.

56 comments

This quiz is dumb af. The two that weren't scams didn't give you enough info to identify if they aren't and they both just as likely to be scams? And at the end they said it was still possible for me to get scammed even though I called every single item a scam. How am i gonna get scammed if i assume they are all scams?
- Exactly. There was no context.
  
  Did the person actually sign up for GeekSquad AV? They didn't say.
  
  Does the person actually have a Facebook account? They didn't say.
  
  Plus I always assume anything that references Facebook in an email is a scam.
  
  It's never a bad thing to be overly cautious when it comes to this stuff
- If you take the quiz it all you don't get a 100%. That's the real test.
  
  That doesn't make sense. Don't trust Washington post either? Got it.
- Honestly, I did pretty well (except the last one which I had no way of knowing was a legitimate web site -- and what the hell kind of name is that for a legitimate site anyway? But I digress...), but I would have taken steps to verify every single one of these before taking any further action. I just inherently distrust email and SMS messages.
- How am i gonna get scammed if i assume they are all scams?
  
  Because presumably you still interact with society as opposed to going full unibomber, and so you can't do that.
  
  The two that weren’t scams didn’t give you enough info to identify if they aren’t and they both just as likely to be scams?
  
  They were
  
  spoiler
  
  a real bank statement and a real settlement.
  
  It'd be weird if they weren't something that applied to you but it's still not a scam, and they explain how to tell.
  
  The article and quiz talk specifically about these types of vectors for scams. If i assume they are all scams there is a zero % chance i get scanned in this way. Even on the two not a scams they talked about better alternatives to ensure their authenticity which i would have done as soon as i saw any of these "scams" its just a poorly written article that just assumes any wrong answers mean you are more likely to be scammed. I understand there is no way to 100% avoid being scams especially if you just out in the world but the answer from the article is dumb.
  
  Edit: also the censored info made it impossible to tell if it was real.
I didn’t click the link, it felt scammy. Did I pass?
Psh. That last one could easily be a scam. Maybe scammers haven't tried the fake class action settlement website angle yet, but they will, and I have no intention of being their first victim.
- Half the emails in my junk inbox are 'class action settlement' emails, so it's definitely an angle they're trying (presumably with some success)
- Yeah even if the last one is not a scam, it is a scam to me, even if I knew about it. I'd go and apply on the official website rather than from the email itself.
- Yeah, but the point is that if you open a web browser and look that settlement up, you’ll find a ton of authoritative sources that link back to that URL.
  
  The point of this wasn’t to see if you could tell if each thing was likely to be a scam in the context that you would genuinely run into them.
  
  If my grandma approached me with the class action website and asked if I was a scam, I’d tell her “it looks really suspicious, let’s see if we can find anything from a credible source that will link to this website.” Which is exactly what the article tells you to do. Of course nobody could just magically know if a screenshot of a webpage is scam just by looking at it.
  
  The other options all either give you enough information in the screenshot to be able to Google a couple things and say “it’s a scam” confidently (class action, geek squad), or they’re full of super blatant red flags (Zelle bike).
Damn, I got the antivirus one wrong because it wasn't clear I didn't buy the thing in this scenario.
- Yep. It relies on information not present in the example. It's intended for most people to get wrong.
  
  Similarly the Facebook one genuinely looks like a scam unless you know of the Facebook case.
  
  It’s intended for most people to get wrong.
  
  So what you’re saying is… …this article is a scam?
  
  You (and half the people in this thread) are totally missing the point here.
  
  No where does the article say that you’re supposed to be able to tell if it’s a scam or not just by looking at it. In fact, in multiple places it says that you’ve got to ~~Google~~ use a credible source to externally verify some information to determine that some of the examples are scams.
  
  The point of the article is to teach people how to recognize scams, it would be totally useless if it imposed the constraint that you can’t look for context. If you’re actually trying to recognize scams IRL, you should be doing exactly what the article says and looking for authoritative corroboration of any information in the potential scam.
  
  I actually got that one, because I know settlements are a thing and I knew to search it.
- Still, who pays 419$ for an antivirus?
  
  I don't know. Isn't a Windows license in the hundreds too?
- The correct thing to do if you got that email would be to try to verify the information that it presents. Is Geek Squad Academy a real thing? How much does their antivirus cost?
  
  Which is exactly what the article says to do, and what you should have done before answering the question. Of course the getting the questions right doesn’t matter, but the question and explanation are an excellent example of what they’re trying to teach.
  
  Also, the grammar was just a little bit funky in that email. Could just be that the geek squad email writer has funky grammar, but it’s definitely a red flag that should make you want to double check the info in the email.
Nice try, scammer.
This is not a good article

To know if an email is a scam I would check the domain of the link it's sending, which this doesn't provide

Also you shouldn't trust the sender address of an email, you can spoof that
This looks complicated. I will just DM you my account number, address and credit card details, ok?
I'm not falling for that.
I just assume everything is a scam now 🫠
If you clicked that link then, no, you are not smarter than a scammer.
Permanently Deleted
This reminds me of the site to see if your email address had been pwned or not.
Well, if you looked yourself up, I’ve got some bad news for you….
- You're wrong on this one, as the other comment noted.
  
  Have I Been Pwned has a database of leaked credentials, with notes on where the data originated, when said site was hacked, etc. It is an incredibly good resource to see if any site you use has leaked your data in a breach, and how compromising that data is (legible or unsalted passwords, credit card information, etc.).
  
  It is a tool used to react intelligently to data breaches. You input your email address, and it tells you if your email address is present in any leaked data sets. If so, you go change that password as fast as you can.
  
  For your comment to make any sense, giving someone your email address means you've been "Pwned". I guess you don't subscribe to a lot of newsletters, then? How does entering your email address give anyone an advantage, apart from the knowledge that it exists? 🤔
  
  The exact same feature is baked into Chrome's password manager, 1password, and many others. Does that mean that users of those services have been "Pwned"? 😐
  
  I stand corrected, with thanks!
- Pwned is legit though. its just databases of breaches.
  
  Thanks!
I feel like this link is a scam itself lol
Wapo claims that the email being from official chase means it’s not a scam but scammers can spoof emails.
Not sure how paying for an item online using Zelle is in itself a scam. The scam would only come later if the stranger had requested your bank info, or you reply to a dodgy email, etc, but so far nothing untrustworthy had happened yet? I don't think that was a good question.
- Obviously one can use Zelle legitimately, but somebody requesting online payment and then sending somebody else to get the goods is like 95% a scam. I think the more common Zelle scam is that they fake a Zelle email that only looks like they paid you.
- I've been nearly scammed like this myself. If you sell something and somebody wants to pay you via an external site (no simple transfer) without being interested in the product, it is an extremely red flag
So every question was a scam or not quite a scam. Sure.
This isn't a scam is, it? 🤔

You've viewed 56 comments.