Email & Identity Security

This quiz is designed to test and strengthen your understanding of the email and identity security risks you may encounter in your daily work. Each question presents a realistic scenario, including suspicious emails, unexpected authentication prompts, potential phishing attempts, account‑related warnings, and situations where your identity or login details could be targeted. You will be asked to choose the safest and most appropriate response in each case.

The goal of this exercise is to help you recognise modern email threats, protect your identity, and apply the best practices that keep both you and the organisation safe. By working through these examples, you will build stronger awareness of how attackers attempt to gain access and reinforce the habits that support a secure working environment.

Make your attempt count, there’s only one chance to pass this quiz.

By continuing, you agree that System Force can use your details to send you your quiz results by email.

What additional topics would you like to see covered in future cyber resiliency sessions?

How confident do you feel in your ability to identify and respond to cyber threats after attending this webinar?

Which part of the training did you find most valuable for improving your cyber resiliency skills, and why?

Any additional feedback you would like to make us aware of?

What could be an indication of credential stuffing?

A link to a fake password reset page

A large volume of login attempts

Personalised emails from a fake account pretending to be your manager

A malicious link which redirects to a fraudulent page

Why are spoofed/compromised business email attacks effective?

Emails are sent from random addresses

Emails appear to be from legitimate sources

The emails contain obvious requests for login details

Attackers send large quantities of emails

What is "Consent Phishing"?

A fake login page which steals passwords

Guessing passwords with an automated tool

A malcious application which asks for the user to provide permissions

Acquiring sensitive information via phone call

What is the best method to keep your passwords secure?

Using passwords that follow a memorable pattern unique to you

Creating passwords that mix symbols and numbers with familiar phrases

Reusing a strong password across trustworthy accounts

Using a randomly generated password, stored in a password manager

How might you tell that an email is a phishing attempt?

The email asks you to update your preferences

The email has spelling or grammatical issues, despite saying it is from a company you are familiar with

The company logo on the email is smaller than expected

The subject of the email refers to a project you are working on

You receive an email relating to your login. What could be a sign that it is fraudulent?

The link contains a domain similar but not identical to your organisation

The email contains a reference to recent changes made by your IT company

It claims your session expired earlier than expected

The email uses language that is concise and technical but may be difficult to understand

Which of the following would be a good habit to keep your accounts secure?

Removing third party apps you havent used in a long time

Sharing passwords with friends and family

Using the same sign in details for multiple accounts

Only updating your passwords when you have to

You realise you have clicked a suspicious link, what should you do?

Delete your browser history

Close the page immediately and report the incident to IT

Restart your device

Block the sender

Why should you avoid using your personal email for work related communications?

The file structure of your personal account is different

Your company's security policies and monitoring will not be applied

Personal mailboxes are less likely to receive promotional emails

Personal accounts have a different colour theme

What is the biggest benefit of Multi‑Factor Authentication (MFA)?

It prevents leaking of passwords

Adds a second layer of verification, which is harder to leak.

Ensures credentials expire when they should

It removes the need for a password

How could you tell that an email attachment may be malicious?

The file icon looks unusual

File name is longer than expected

An unusual or unexpected file format

The attachement size is different to what you might expect

You have received an email you believe is suspicious, how should it be handled?

Open the email to confirm your suspicions

Report the email to your IT company, and then delete it

Ignore it

Forward the email to your IT company

What is the most important detail to check when inspecting a potentially suspicious link?

If the URL matches what the email says it leads to

If the link uses HTTP rather than HTTPS

Whether the font size matches the rest of the email

Whether the domain ending is familiar to you

Exit