After taking the Phishing Box’s Phishing Test, I was greatly confused. I thought the majority of the emails looked and sounded legit, and they easily could have been. However, after finishing my first attempt, I failed the test with a 50%. After another try, I improved my score to an 80%.
Keys when analyzing the emails were detailing suspicious activity or changed account information to different services. Emails sent with official letterheads and logos helped signifying legitimacy.
Even after analyzing my final two missed questions, the Apple ID “Password has been reset” and Dropbox “Two-step verification” emails, I have not found my errors. To me, they look legitimate, with the labels and logos as mentioned previously.
The emails describe circumstances that could have easily happened and warn user Mark Twain of changes to his account. I am still not certain why these are labeled phishing emails. If anything, they look like they are an attempt to save Twain from future phishing.
Looking forward, Phishing Box should have an answer key at the end of the test explaining the reasoning behind each answer. This would further educate test takers on phishing and clear up any confusion.
