I just went through the knowbe4 security training mandated by my work. It was pretty good. But I was very surprised when the quiz software told me I got a certain answer "wrong". I researched it, and the quiz is slightly wrong, and the answer should be updated. See the screenshot:
Compare that with a more accurate definition for phishing:
"Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords." -- http://www.phishing.org/what-is-phishing
Although a phishing email can include an attachment, it usually doesn't. It has malicious links instead. The quiz answer makes it sound like the very definition of a phishing email is one that contains a malicious attachment. This is misleading and should be re-worded.
I hope you guys will modify that 1 question/answer and make it more accurate. Thanks.
Please sign in to leave a comment.