Free Spot The Phish Quiz
Think you can spot the phish? In this quiz, you'll be presented with a series of 10 emails, some of which are legitimate and others, phishing attempts. To pass the quiz, you need to correctly identify at least 80% of emails.- Check the sender domain for lookalikes like micr0soft[.]com or subdomains like netflix[.]cmail31[.]com.
- Hover over links to preview the real destination (but don't click).
- Watch for urgency as attackers try to get you to act quickly to force mistakes.
- Remain skeptical of attachments especially if they include executable or unfamliliar file types.
- Look for unusual requests such as unexpected password resets, MFA codes, and invoices.
Your result
You got 0 out of 10 correct.
What You'll Learn By Taking This Phishing Quiz
You’ll get hands-on practice identifying the most common phishing red flags. By the end, you’ll be better at spotting urgency traps, suspicious senders, and unsafe links or attachments before you fall victim.
- How to identify sender domain tricks (lookalikes, obscure domains, and suspicious subdomains).
- How to evaluate links and attachments safely before interacting with them.
- How to recognize social engineering patterns like urgency, fear, and “too good to be true” offers.
Why You Should Regularly Train How To Spot Phishing
Phishing succeeds when emails look routine and you’re moving fast. This quiz helps you slow down and build a repeatable mental checklist so you can confidently decide whether an email is legitimate or a phishing attempt.
Review the explanations after each question to understand what you missed and strengthen your ability to catch phishing emails in your inbox at work and at home.