Phishing Awareness Quiz

The correct answer is BEC (Business Email Compromise), which specifically refers to attacks that exploit legitimate business email accounts to carry out unauthorized fund transfers.

To spot a spear phish, look for unexpected requests from known contacts, personalized messages that seem unusual, emails asking for sensitive info or urgent action, and inconsistencies in the sender's email. All these signs indicate a potential spear phishing attempt.

Angler Phishing involves attackers creating fake profiles or hijacking legitimate ones on social media to trick users into sharing personal information or downloading malware, making it the correct choice.

Smishing specifically uses text messages to trick individuals into revealing personal information or downloading malicious content, making 'Text messages' the correct answer.

Phishing typically involves emails that appear to be from unknown or suspicious sources. Emails from a known source are not characteristic of phishing, as they usually aim to deceive by impersonating legitimate entities.

Opening a phishing link often leads to a fraudulent website that requests personal information, making 'A website opens asking for additional personal information' the correct scenario. Other options are less likely.

A common characteristic of phishing attacks is that the sender's email address often does not match the expected sender name, indicating a potential scam. The other options do not accurately describe typical phishing traits.

Falling for a phishing attack can lead to anxiety due to the stress of potential identity theft and financial loss. Additionally, reputation damage may occur if sensitive information is leaked, affecting personal and professional relationships.

If an employee falls for a phishing attack, it can lead to ransomware infections, financial losses, and significant damage to the organization's reputation. Therefore, the correct answer is 'All of the above'.

The correct choice is to report the phishing attack immediately via email to phishing@aum.edu. This ensures that AUM can take action, rather than just deleting it or informing peers later.