Free Tool
Phishing Email Quiz
Can you spot a phishing email? Test your skills with 10 realistic email scenarios and learn the red flags that give attackers away.
Red Flags:
Quiz Complete!
Your Answers
Get the Phishing Training Guide
Receive a comprehensive phishing awareness training guide for your team with tips, examples, and best practices.
Check your inbox!
Your phishing training guide is on its way.
How It Works
Review Each Email
Read 10 realistic email mockups — some legitimate, some phishing.
Make Your Call
Decide if each email is legitimate or a phishing attempt.
Learn the Red Flags
After each answer, see the explanation and red flags to watch for.
The Phishing Threat
Phishing is the #1 attack vector for cybercriminals. In 2023, 83% of organizations experienced a phishing attack, and 91% of all cyberattacks begin with a phishing email. The average cost of a successful phishing attack on a mid-sized business is $1.6 million.
Common Red Flags
- Sender mismatch: Display name says "Microsoft" but email is from a random domain
- Urgency & threats: "Your account will be suspended in 24 hours"
- Suspicious links: Hover to see where they really go before clicking
- Generic greetings: "Dear Customer" instead of your actual name
- Unusual requests: Asking for passwords, payment changes, or wire transfers
Protect Your Business
Employee training reduces phishing click rates by up to 75%. Combined with email filtering, MFA, and managed cybersecurity services, businesses can dramatically reduce their risk of a successful phishing attack.
Frequently Asked Questions
Are these based on real phishing emails?
Yes. Our quiz emails are based on real-world phishing campaigns that target businesses. They use the same techniques attackers use: spoofed sender names, urgency, and deceptive links.
Can I use this to train my team?
Absolutely! Share this quiz with your team as a quick security awareness exercise. For more comprehensive training, download our training guide or contact us about our security awareness programs.
What should I do if I receive a real phishing email?
Don't click any links or open attachments. Report it to your IT department or email security team. Most email clients have a "Report phishing" option. If you accidentally clicked a link, change your password immediately and enable MFA.
How often should employees take phishing training?
Security awareness training should be conducted at least quarterly, with phishing simulations sent monthly. Regular practice keeps employees vigilant — phishing techniques evolve constantly.
What percentage of employees typically fall for phishing?
Before training, about 30% of employees click phishing links. After regular training, this drops to 5% or less. That's why security awareness programs are one of the best cybersecurity investments a business can make.
Protect Your Team from Phishing Attacks
Our cybersecurity services include phishing simulations, security awareness training, email filtering, and MFA deployment to keep your business safe.
Explore Cybersecurity Services