+32 50895535
info@brussec.com

Quiz Solutions

Curious to see where you went wrong and why?

Here is the solution to our quiz!

Email 1: QuickBooks

Real of Fake? Real.

The email comes from @quickbooks.com, the legitimate email address of the company. They are not trying to get you to click a link and are just supplying information.

QuickBooks Email

Email 2: Wells Fargo

Real of Fake? Fake.

They are not greeting you with your first name, they’re being suspicious about who has sent you money. They’re trying to get you to open an .htm file, which is a very unusual attachment to send.

If they need to call the attachment “Secure Mail Attachment”, you can safely assume it probably isn’t as secure as they claim.

Furthermore, the email has a bunch of spelling errors, like the footer: “an address that dose not receive replies”

Wells Fargo Email

Email 3: Dropbox

Real of Fake? Fake.

Dropbox only sends emails from @dropbox.com.

Although some companies prefer contacting them (for logging reasons), they would most likely also give you a link with the advice to change your password. This depends on the company, so it wouldn’t be something where you could fully judge the legitimacy of the email from.

These attackers have since then been caught and Dropbox now owns the domain dropboxteam.com, but will never use it to send emails.

Dropbox Email

Email 4: Google

Real of Fake? Real.

The email comes from a legitimate email address at Google, uses a lot of personalization in the email and uses the correct Google layout.

No spelling mistakes whatsoever in this email.

Google Email

Email 5: Apple

Real of Fake? Real.

The email comes from a legitimate Apple email address, they use your name and no spelling mistakes are found whatsoever. They’re also not trying to create urgency to click the link.

Apple Email

Email 6: Apple

Real of Fake? Fake.

The email comes from @id.xlogin-apple.com, an email address that is not owned by Apple. They are using a lot of words to create urgency like “unauthorized”, “immediately”, etc.

Apple Email

Email 7: PayPal

Real of Fake? Real.

The email comes from a legitimate email address at PayPal and they’re not trying to make you click any links.

PayPal Email

Email 8: TransUnion

Real of Fake? Real.

The email comes from a legitimate email address, is visually pleasing without spelling mistakes. They are using personalization in the email and despite the urgency, they are not telling you to click a specific link. Rather, they just ask you to login (which could be directly from the website as well).

TransUnion Email

Want to know more?

Head over to our Phishing page to see what we can do to help you and others in your organization protect yourselves from these fake emails.

Tell Me More!
Westeindestraat 121 bus 04-01,
9990 Maldegem,
Belgium
Phone – +32 50 89 55 35
Email – info@brussec.com
VAT – BE 0763.805.021
IBAN – BE54 7310 5102 4597

Give us a call

We’d like to give you the best information as possible. So if you have any questions about our service, feel free to contact us on the phone number above.

About Us

Brussec Security is a company that specializes in Penetration Testing services. In human language it means that we act like hackers in order to prevent them. We try to get into your system before the bad guys and we fix the security holes.

Read More

Newsletter

    Copyright © 2022 Brussec Security Group BV. All rights reserved.

    PGP Key